By Nick Heath, 3 June 2009 15:30
NEWS
Police are in talks with companies about deploying a tool to detect evidence of illegal activity on PCs, aiming for it to be as easy to use as a breathalyser.
Officers in the Association of Chief Police Officers' (Acpo) e-crime group are looking into commercial devices that can search text, pictures and computer code on a hard disk for material of interest.
Such 'digital triage' tools would allow police the flexibility to search for anything from text in emails relating to stolen goods to illegal images.
Forensic specialists within Acpo are examining how commercially-available digital triage tools can be adapted to develop the device, which they want to be as easy for frontline officers to use as a breathalyser.
Commercially available digital triage tools targeted at law enforcement typically boot the target computer using a CD, which runs a forensically sound operating system to preserve the integrity of the data it holds for use in a criminal case. A separate program run from a USB drive will then search the disc for the material and extract it to the drive.
An Acpo spokeswoman told silicon.com: "[Acpo is] working with a commercial outlet...
Click here for page two
Comments
There are 6 comments. Join the discussion
1. anonymous
And what will the cops do when everyone simply encrypts their harddrives or incriminating materials?
2. anonymous
They will simply call the NSA and get there wiretap logs.
3. karen challinor
Anon, US - well here in the UK the police will simply ask for the encryption passwords under RIPA and if they aren't forthcoming immediately the owner of the PC will go to jail until they are, "oh I forgot it" isn't accepted as an excuse
and I bet you thought your state was intrusive in the US
any private individual who encrypts anything must hand over the decryption keys to any person in authority on request or face jail
and for some years now a person of authority includes anyone who works for the local council from filing clerks upwards, firemen, ambulance service personnel .... the list is quite long and personally I don't see the need for them to have these powers at all
4. karen challinor
so basically there aren't enough computer forensics experts employed by the police
and the response is not to hire more forensics experts as thats expensive, but to pay someone to develop a box that does the job of a forensics expert and can be used by someone with little or no training
now when I was very young and people started using digital calculators to solve maths problems (yes I am that old), one of the things I was always told was that it's advisable to know the ballpark figure for the answer before you use the calculator just in case you hit the wrong key and get something completely ridiculous, in other words you had to be capable of solving the problem without the calculator
so it would be advisable for the person using this "CSI team in a box" to have enough forensics training to know if they've made an error in their investigation
which basically means, they need to be a forensics expert and if that's the case why bother with the 'simple' box why not have the full toolkit
5. drew stephenson
Classic case of people not understanding what they're asking for. "Let's make forensics as easy as using a breathalyser". Right. So you're going to make analysis of terabytes of data in a near infinite combination of variables as simple as testing for a single chemical compound. Hmm...
6. karen challinor
drew - it's part of a fairly prevalent attitude
the people who understand technology are viewed with deep distrust by those who don't and it's those who don't who tend to control the money
they spend that money trying to replace the technologically aware people with simple automated equivalents that usually produce results that they are incapable of interpreting correctly
but why bother when they can make the results say whatever they want, as long as there's no one who understands the results to argue against them