Top UK cybercop dreams of PC breathalysers A breathalyser-style tool for PCs capable of spotting potentially illegal activity is needed in order to address a mounting computer forensics workload. However experts in the field warn that such a device, desirable though it might be, could be difficult to develop in a reliable form. Detective Superintendent Charlie McMurdie …
so he will have to wait for the recognition software to be developed and for the AI to adapted it. Then let the AI flag the files or emails that need human attention.
hummm... that will be a long wait
as for the 2nd part, remote access is no something that everyone will allow. Especially if that can't see what the other person is accessing.
Let me guess how many OS-es will this tool support. The choice is 1 from 1.
No thanks, I'd much rather have my tax pounds invested in better "scientific support" units capable of gathering evidence on site. And from there on the experts will decide on who and what. A PC in this day and age costs a bag of peanuts and if you do not have backups (especially off-site ones)... Well... You get whatever Christmas you deserve...
Reg' staff can we finally have a "Labour with Horns" icon please. Any labour. Tony preferred, but the non-Flash will do as well.
How the hell does some incompetent with such utter ignorance of custody and chain of evidence procedures become the "top" at anything? I know the pigs aren't renowned for their intelligence, but you would have thought they tried to promote the slightly-less clinically thick amongst their ranks...
"Say one of the banks is attacked and we need to have a look at one of their hard drives: that bank would have something that they can plug their system in to and that connects to this central forensic server,"
Like, oh, I don't know a communications network of some kind, one that extends over the whole country and you can set up Private, encrypted communication sessions between two hosts in geographically diverse areas?
Now how would we go about that? I know, let’s set up a committee and investigate the methods that could be used. Might only cost a few hundred million pounds!
will freek out at this, but if I read it correctly it seems like a good idea. Im sure some people will say Im wrong, but what he seems to want is not so much something to analize for evidence, but like a breathaliser, sothing that will give an indication as to wether it is worth further tests.
>> > Experts reckon that developing a simple PC breathalyser-style device would involve overcoming challenging technical problems
Sorry officer, I wasn't aware you needed access to my encrypted file system, the keys for it are on a usb stick that you appear to have lost when you took xx PC's from my home. Or perhaps it went the same place as the goldfish...
<smug grin/mode>
Well possession of a bestiality pic is a crime soon in the UK, (courtesy of Jacqui Smith MP for Reddich). If they had fewer thought crimes, there would be less reason to search the PC ( a PC is really just a communication device that happens to leave an audit trail) .
When they invent a brain reading machine, Jacqui Smith will make some REAL thought crimes, and you will be locked up for your thoughts. Have you seen a bestiality pic? Have you ever IMAGINED a bestiality dream? The thought machine will tell and you will go to prison. An officer will be demanding a faster thought crime scanning machine to make his job easier.
"Top UK Brain cop demands Breathalysers for Brains"
Y'know the Victorians had a similar arguement for recognising criminals. They started photographing faces of all criminals. Looking for that common denominator that would let them walk into a room Poirot style and walk out with an arrest.
Sounds like a great idea.
Flawed principle though.
Same with the PC.
Lets do the kiddy porn thing. Gotta think of the children... (as in protecting!).
Scan all images on drive, flesh tones are way up, childrens faces in the photos (Honest! my Sony Cybershot does this....) => you're nicked you paedo!
Oh, own family shots from the beach....
Never mind, gotta ruin 50/500/5000* families to stop that one paedo!
*adjust to your liberal bias
Sadly, I suspect that finding anything encrypted would be evidence enough for this government that you had something to hide and therefore your pc would be seized and a flag added to your crb check in case you were later found to be innocent. A CRB flag is for life, not just for Christmas.
Mine is the one with the pockets stitched up so you can't see inside.
Clearly noticing that Detective Superintendent Charlie McMurdie is in fact a WOMAN is a bit of detective work some of those posting comments aren't even capable of.
An alternative proposal: A single stand alone (write once only?) certifiable drive cloning device.
So police arrives, takes the hard disk from each of your computers and clones it byte for byte onto a drive or any sort of media that can be exhibited.
Of course you still have the remote storage problem if your illegal booty is on "the cloud" but at least there might be cache files if the miscreant isn't all that clever. And lets face it, if they were then the police wouldn't be at their house to begin with.
The problem with a copy as an exhibit is that it will need either a change in the law or at the very least clear and agreed guidelines for the judiciary so that the information obtained from then can be accepted as being of the same quality as the original. There are issues with privacy as well, but eh problems associated with retention and exclusion of legally priviledged material are not insurmountable, and certainly not new.
It certainly does take some steps to reduce the intrusiveness and disruption to a suspects life an business. So while police can say that at this date and time these computers contained this information the suspect can carry on without being without what might be vital equipment. The alternative is the PCs sitting in a storage facility till the case comes to trial, and beyond. And if you consider an employee of a company being the suspect and not the company itself you can imagine the implications for the business.
The issues with long analysis times are not unique to PC examination. Analysis of DNA from apparent blood let alone low copy number can take a significant time, even fingerprint analysis is not quick. But as with everything, capability will be dependant on demand. As the requirement grows and becomes perhaps a viable market for private providers then it'll get better.
But in a climate where fraud is not given significant resources or attention from the government and media its only to be expected that those given the training and equipment, both of which are very expensive, within any force will be limited.
And don't forget investigating this sort of crime is complex and costly. Now from the police's point of view that doesn't matter they have a duty to carry on but most financial institutions recognise the time and cost involved in obtaining sufficient evidence for a reasonable chance at getting a conviction is often much higher than the cost of the fraud itself so they don't bother. Policing is a resource limited by statute so at some point the decision comes down to: Do we apply resources to finding the murder or the scammer who got away with money from a bank who aren't interested in trying to get it back?
'You can't just plug a memory stick into a PC and extract internet history files...'
Errr.... Yes you can. Just boot from a USB stick, mount the hard drives as read only and read the history files of all the web browsers installed on that machine.
Not brilliant PR for this Disklabs company is it?
Fishing expedition are normally not allowed. Normally a crime is suspected, the evidence for that crime is then searched for, the crime FILTERS the amount of evidence searched for. Looking for financial crime, grab a spreadsheet, looking for downloading of a kiddie prn on 19th jan, go look for files of date 19th Jan.
Now things are more fluid, rozzers arrest and seize equipment based 'fluff' laws and then look for something to prosecute for, ANYTHING, they want a device that takes a computer and turns out the arrest report.
Welcome to the UK, they shoot on sight without warning and claim it's necessary to kill suicide bombers before they blow up their bombs..... yet they let the bomber on the train and can't explain why they were sure enough to shoot without warning, yet not sure enough to let him get on the train.... and nobody is wrong, but a man is dead.
From EnCase website
"File systems supported by EnCase software: FAT12/16/32, NTFS, EXT2/3 (Linux), Reiser (Linux), UFS (Sun Solaris), AIX Journaling File System (JFS and jfs) LVM8, FFS (OpenBSD, NetBSD and FreeBSD), Palm, HFS, HFS+ (Macintosh), CDFS, ISO 9660, UDF, DVD, ad TiVo® 1 and TiVo 2 file systems".
Seems pretty comprehensive...
Is it just me, or is this suspiciously similar to the plot of The IT crowd last night.. Get the computer illiterate PR bod up in front of a bunch of computer illiterate shareholders. Give her a box with a flashing light on it and tell her it's the internet. Room full of idiots are impressed.
Somewhere there has to be a geek that put the idea into her head as a windup and never thought it would go outside the agency..
Now if only we can get her to promise to never type Google into Google.
seriously where do these people come from, a plod in charge of 7 million what a waste of money.
The UK is about to go under a hail of cyber attacks, as soon as the recession kicks in early Jan it is not going to be pleasant. We need the best of the best protecting UK interest in CyberSpace, instead we have got someone's granny :)
She needs to come out and explain her credentials or is she just a fraud, trying to manage something that she knows nothing about. What next, ex Russian KGB runing taps over UK communications for 'ad' purposes?
Well, at least the Police Officer that made the statement knows he's not a scientist, and don't we too!
Police at the moment (from close observations of documentaries on television where they've removed PCs from offices/people's homes) use devices to protect the hard drive being written.
They have to physically remove the hard drive and plug the gadget in between the motherboard and the hard drive.
The suggestion that some sort of technology could be used without using the write blocker is laughable. It wouldn't be accepted by the legal system, a defence could always then use "It's been tampered with, I've been stitched up". Civil liberties groups wouldn't accept it either.
So the only way forensic evidence is going to be gathered is using a write blocker, which means extracting the hard drive from the laptop or desktop.
So out of several PCs in a home, only one might contain the incriminating evidence, but you don't know which one it is, and they all are going to have to be treated as if they all potentially have the evidence.
"Welcome to the UK, they shoot on sight without warning and claim it's necessary to kill suicide bombers before they blow up their bombs..... yet they let the bomber on the train and can't explain why they were sure enough to shoot without warning, yet not sure enough to let him get on the train.... and nobody is wrong, but a man is dead."
I'm actually believe that if you suspect a sucide bomber - and have good suspicion, such as being able to see the the bomb, or having correctly ID'd them - then I feel that you should shoot without warning. Give a warning an give the person time to blow themselves up?
Got to be joking, no way. The objective has to be to prevent them from blowing themselves up and killing people around them, so best course of action: no warning.
However, in the case of de Menes, the Police really screwed up big time, nobody carried out a positive ID of the target. And what's more, de Menezes wasn't carrying any kind of explosive device, so the Police officers that executed him didn't even eye him up and down properly to look for the presence of a bomb. ( ok, he might have been hiding the entire thing under his coat)
And the person leading the entire operation get's promoted, how's that right?
In my view, the Police officers already made the decision to execute him, if they hadn't, then there must have been a point in time where they did make the decision, so when was that?
When they saw him on the underground train? What caused them to make the decision that he needed to be executed, did they see the presence of a bomb ( no, obviously), did they carry out a threat assessment as they're supposed to do?
The fact (and I think we can safely assume it is fact now) that the Police officers lied at the inquest suggests a) they knew they'd done wrong, b) they were trying to cover something up.
This just goes to show how out of touch the police are today.
It reminds me of the guy who talks into his mouse and expects the computer to do what he says. Sure there is voice recognition but it doesn't work very well in anything other than very specific circumstances.
It seems to me that the police need to look at what they are doing and have a huge shakeup. They are completely unable to deal with any technological crime and completely ignore any type of fraud, leaving that to the banks/credit card companies if you are lucky. Meanwhile they are running around in paranoia arresting anyone with a pc as a paedophile or for accessing an open wifi point. What they need is not a magic black box to tell them how to do their jobs, it is more technical people who actually know what they are doing in the areas of modern crime.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
