This whole coffee thing seems like a distraction to me. The Microsoft toolkit is very primitive. It doesn't do much more than run standard system utilities that are freely available, and log the results to a USB drive. It is an amateurish tool for people who know little or nothing about computer forensics.<p>Any law enforcement agency worth its salt is going to have a computer forensics department smart enough to <i></i>remove the hard drive<i></i> from the machine in question, and examine it in a non-destructive way. Thus this decaf toolkit is useless.
A key sentence lurks at the bottom of the article:<p>"The hackers, however, have not released source code for the program, which would make it easy for anyone to see if the program contains malware that might also harm a computer or allow the attackers to take control of it."<p>Hmmm.
Personally I think the most secure option would be to setup a system to physically destroy the computer's HDD and therefore any information contained on it.<p>Perhaps a 1.8" HDD in a 2.5" carrier with the spare space being taken up by Thermite and an ignition system?<p>Don't enter the correct BIOS password within 30 seconds of a boot attempt? Buh Bye, HDD.
Doesn't this sort of rely on there being a OS to host it? How can Decaf run if the cops have booted off their USB stick and the onboard HD is just being scanned?