A security tool developed by Microsoft to help criminal investigators recover forensic evidence from PCs has leaked onto the Internet and into the hands of the general public. COFEE. or the Computer Online Forensic Evidence Extractor, is designed to help law enforcement officials recover evidence from any computer used at the scene of a crime, regardless of their own level of computer skill. The tool, available in the form of a USB pen drive with software pre-loaded, captures volatile information such as records of active system processes that could be destroyed when the computer is powered down to transport it to a forensic lab. With less than 10 minutes' training, an official can capture this data through a simple graphical interface. Just a few months ago, Microsoft proudly announced its association with Interpol, which began using COFEE.

Now that it is in the hands of online criminals who will undoubtedly study its inner workings, the tool's effectiveness is sure to be compromised.