Looks like a tool for espionage more than anything else

Microsoft is now hiring Communist Police officers Probably on a work VISA. He did NOT TELL that to Congress when he was begging for more foreign workers!!!! Any Commie MCSE candidates here needing work?
Looks like they have moved from being Big Bother To Big Brother.
Remember the secret update that you did not know about until some savvy individuals figured it out? It did not go into a BACK DOOR that damn thing went through the FRONT DOOR, The Window and the Garage!!! All while you were home. Can you spell S T E A L T H.
After being a Microsoft Systems Engineer for some years I learned a long time ago NOT to TRUST Bill Gates...... He is also AGAINST Hiring AMERICAN WORKERS......They just will not put up with this BS.

Whether or not this tool is useful - I can guarantee you that any information gathered while using it will be absolutely inadmissible in a U.S. courtroom. No chain of custody, no data verification procedures, etc. This is tier 1 forensics at best.

This tool will fall into the hands of common crackers within months most likely. The cat is officially out o' the hat. I'm certified in xp... and if there is no back door (which btw uh-hem uh-em.. never mind (sigh)) a good password like Th1s1sthePWD!@# would be unbreakable otherwise.
Make sure you set the screen saver > password protect on resume. (for 5 or 10 minutes in case you leave your pc unattended).

Any one care to guess as to how many GPL licenses were broken over this one? I can think of many...
And the implications ARE quite hazardous. THIS is one of the many reasons Windoze never enters my home. Heck, you don't even NEED a USB drive. An internet connection is all one needs to gain access to a machine.
If people REALLY think they can do all they need to without removing the machine, I have a few hundred gigabytes of data that will NOT fit on ANY USB thumb drive (even if it was provided by Microsoft).
Really, really pointless. The last time MS did something this idiotic was when they released VB6 to the masses. Now we have a LOT of ignorant coders running around. Do we REALLY need ignorant law enforcement personnel having NO way to verify if their training and information are GOOD? Would we trust a police sargeant to conduct DNA tests? Why? Because they have no clue. Even if trained, they would still have no clue.
Idiocy at its best.

I am a IT person working for a law enforcement agency and from my experience, the best law enforcement could do is something like:

1. Plug USB stick into computer
2. Click on the "Gather evidence" button
3. Hope it works...

Within every revolution lie the seeds of it's own destruction.

In 2012 will we see Vladimir Putin running for supreme Oberkommander here in the U.S.? The FBI is already catching up with tactics of the old KGB. I'm old, I don't really give a S--T, but younger people should begin to think about dealing with this government in a not so nice way!

I think America is ready for the second tea party!

This may be good for police but not for business. Based on this I can't upgrade, assuming they even make Vista reliable. I have a lot of personal data related to my business including customer credit card information etc, stored on my computers.

Knowing this back door may be there probably puts me personally at risk for theft of data as related to Visa and other merchant account rules regarding safeguarding of consumer data.

More reasons to move toward Linux as fast as possible.

Tim obviously has no clue what he's talking about. he's never seen Cofee, has no idea what tools are on it yet he has the internet and a computer so he believes himself to be an expert. I have seen this tool and used it. It uses commonly available software, follows the rules and has already been used to prosecute several individuals in the US courts. Like it or not, it works.

Unfortunately, use of this tool will allow many defendents in cybercrime cases to get off, if they can get a defense attorney competent in cyber crimes.

Currently, when a digital forensics teams accesses and analyzes a suspect's hard drive, they do it using tools which have been proven over time to leave the hard drive *completely* unchanged. This allows both sides to know that what is on the drive is exactly what was there when it was seized.

*ANY* change to the drive, no matter how small, invalidates this premise -- and the simple act of adding and accessing new hardware (such as a jump drive) makes small changes to the data on the hard drive.

Now you have a prosecution team that is forced to admit under oath that the hard drive was altered, that it was done by someone other than a digital forensics specialist, and that it was not done under controlled conditions (i.e. it was done "in the field" rather than "in the lab").

I'm sorry, but I must consider this a serious blow against the ladies and gentlemen who try to fight cyber crimes.

Actually Tim is right on target there is no way that any tool should circumvent 'Chain of Custody", but most defendants are not going to have the adequate defense to win. This tool was made to dumb down technology for cops. It is more than likely a set of scripted tools that are already available that gathers information that will fit on a usb drive. The only thing that might make this special if Microsoft wrote an API (backdoor) that makes gathering information easier. The chain of Custody rules cannot be automated. Either you require the proper chain of custody or you dont.

From the "Ophcrack" website:

"Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds."