You sorta knew this was going to happen. Microsoft COFEE, a highly secretive forensics tool used by law enforcement, leaked onto the Internet several weeks ago. People far smarter than I got a hold of it, and have created what has been dubbed DECAF, an anti-COFEE set of tools that you can install to block the effects of COFEE.
DECAF, which obviously only runs on Windows, works upon the execution of COFEE. When COFEE is launched, DECAF kicks into high gear, and tries to counteract every one of COFEE’s utilities.
It’s sort of strange, but DECAF isn’t open source. Well, weird only in the spirit of the application; the source isn’t available because the creators don’t want their information reverse engineered.
via The Register