New US Computer Forensic Institute
Quincy writes "The DHS and Secret Service are setting up a new computer forensic institute in Alabama. Set to open in mid-2008, the new National Computer Forensic Institute will be able to train over 900 law enforcement officers per year. 'It will initially be staffed by 18 Secret Service agents and will feature classrooms, a forensic laboratory, an evidence vault, and server rooms. Courses will be offered in the investigation of electronic crimes, network intrusion investigation, and computer forensics... [T]he Secret Service says that it will help to bring judges and prosecutors up to speed as well.'" Maybe over time we'll see fewer botches of justice like those in the news recently.
Do you HAVE to be a law officer, or can anyone sign up?
The simple truth is that interstellar distances will not fit into the human imagination
- Douglas Adams
Cue the banjo music.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
J. Edgar no doubt ;)
Figuring out what happened in a computer system months after the fact is not easy. Most programmers have more than enough trouble figuring out what exactly happened in their own programs thirty seconds ago.
Still -- not to say it's a bad idea. You have to start somewhere...
I hope they go after spam, those stock spams are the worst.
Libertarian Leaning Political Discussion Forum.
...if they will be training the staff on Helix. I'm not in the security industry myself, but that is one helluva handy LiveCD to keep around.
Despite the backing of the DHS budget, they're gonna need every free piece of help they can get.
Slashdot? Oh, I just read it for the articles.
FTFS: "Set to open in mid-2008, the new National Computer Forensic Institute will be able to train over 900 law enforcement officers per year. 'It will initially be staffed by 18 Secret Service agents and will feature classrooms, a forensic laboratory, an evidence vault, and server rooms."
Holy fsck! A full year from now? In a year computers will have changed enough to cause this to falter badly from the start! It will take only one worm of the right design, one change to hard drive technology, one of any number of things to change the virtual face of computer forensics. That change could happen next week. This taking over a year to put in production doesn't sound even close to flexible enough to accomplish the stated goals!
Support NYCountryLawyer RIAA vs People
WTF? This is -1 off topic but this other post HERE is funny?
To whomever modded this down: BLOW ME
Fucking SlashDot community keeps getting lamer and lamer each year...
Police investigators need much more than the theory, they need in-depth coverage of the practices. Prosecutors and judges need more of the theory, the pros and cons, etc. A prosecutor doesn't need to know how to hunt down a trojan horse, but should be able to look at a police report and for the most part completely grok the methods the police used as a knowledgeable reader. Same with the judge.
The Secret Service says that it will help to bring judges and prosecutors up to speed as well.'"
What about defense attorneys?
You do not have to be a cop. Any employee of the Ministry of Truth will be allowed.
"Flyin' in just a sweet place,
Never been known to fail..."
If you are innocent, you will not be convicted. Asking for a defense lawyer is an indication of guilt.
Blar.
Microsoft must be the biggest supporter of computer forensic investigators.
Ever since DOS 1.0, Microsoft operating systems never really erase a file. Now, they use cache, temp files, and the recycling bin to make lots of copies too. And that's only on the unerased portion of the hard drive. Chances are there are more copies on the erased data sectors.
Most users who really want to erase a file from the file system have to erase about two or three copies (if they know where the copies are). Wiping a file only zaps the original, not the copies.
Those investigators have it too easy.
My wiping program is made by Craftsman Tools (claw or ball-peen configuration)
WTF? This is -1 off topic but this post is insightful?
To whomever modded this up: BLOW ME
Fucking SlashDot community keeps getting lamer and lamer each year...
The federal government currently does this kind of training at the Federal Law Enforcement Training Center (FLETC) in Glynco, Georgia. I was a federal employee working for an Office of Inspector General, and I went to FLETC for 2 weeks of digital forensics training in a classroom. I was NOT a sworn LEO (i.e. couldn't take oaths, arrest people, or serve subpoenas), just an "IT Specialist", but a federal employee nonetheless.
Most of the other people in my particular class were State Department, assorted Interior (USFWS, BLM), or state/county/local cops (FLETC trains them if their org pays for it).
With the first link, the chain is forged.
Am I the only one here who got a laugh out of this?
Redneck #1: (pokes computer with a stick) "dang, can't say ah evah seen one of dem der thangs b'for"
Redneck #2: (spits out chewing tobacco) "Well, ah dunno wut dat der thang is, but I rekon we oughta be shootin' it bout now"
Redneck #1: (opens beer from 6-pack holster on belt) "hmm, watchu say we take dis inta town here, and seeif summun'll know what it is?"
Redneck #2: "boy.. are you kiddin? We's the smart ones in dis heah town! I'm tellin ya'll that dis is from space. Dat's waht dis is! A space ve-hic-al"
I am open source, and Linux baby!
quoth the grunt "me have baaad feeling about this".
Isn't it always these people who are supporting the RIAA/MPAA/BSA/etc in open memos to congress and various other bodies?
I'd rather we "bring judges up to speed" by sending them to their local state u for a crash BA in computer science, where they will get "enough" of the theory they need to make judgments that are not incompetent, but without the bias from an organization which by its nature attracts inflexible authoritarians.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
"Please describe the scientific nature of the 'whammy'" - Agent Scully
"If you're a bad guy and you want to frustrate law enforcement, use a Mac."
if (this_player()->query("made a mistake"))
{
    if (criminal(this_player()))
        this_player()->retribution();
    if (oneofus(this_player()))
        this_player()->rehabilitation();
}
It is commonly known that the majority of police officers know absolutely nothing about civil liberties, right to privacy or any other constitutional or legal rights. This is why you are never supposed to argue with an officer. Their job is to arrest you when they think you're doing something wrong and let the law sort you out. This is also why they frequently infringe on a number of your rights. Either out of lack of concern or simple ignorance.
Likewise, one should be incredibly frightened at the concept of an officer who is equally ignorant or unconcerned about your rights being capable of investigating your most vital and private of information and communication.
Not to mention, you know, the whole history of commonly fabricating evidence.
different people get mod points. /. is not one big group think, and it never has been.
The Kruger Dunning explains most post on
You're exactly right about the Secret Service. Keep going with that list. What is "currency" these days? Almost all the dollars in the world are computer records. Their anti-counterfeiting mission put them in the lead to deal with computer crime.
Computer forensics has not changed beyond recognition in the last year, probably won't in the next year, and in any event a lot of investigations will be on Windows 98 machines and others that are more than a year old. There will have to be continuing education classes to cover things like the new issues raised by mobile phones, but a good theoretical background (hash the media, preserve the evidence, check for malware) will cover most of the new technologies.
But will these computers have the ubiquitous CSI "Picture Enhance" feature?
Computers will not change that much in a year.
How much have they changed in the last year? In the last 3? Not much, and a faster processor doesn't matter here.
Of course, that's not the real issue, the real issue is determining how people use their computers.
The Kruger Dunning explains most post on
I think it should have been "-1 Troll".
troll
And then the name of the file is in several places in the registry, and linked to from the \Recent directory.
I've told clients that using Windows is like being stalked by paparazzi.
The following are requirements to get your BoCF (Bachelors of Computer Familiarity)
First Term: The Computer and You.
- You will learn the basics of which components contain any data. Certain peripherals are not useful when seeking evidence. After this course; you will be able to identify the CPU during searches and also learn which components commonly have fingerprints on them.
Second Term: Basic Computer Handling.
- You will learn the basics of how to "unplug" (don't be scared, the class comes with a glossary of this and other "techie-talk" you might encounter) different components. Also, proper lifting techniques to prevent damaging parts.
Third Term: Computer Showmanship
- This class will teach you proper showmanship for the local newspaper photos after your successful seizure. For instance, "which way to face the computer" for the camera. Advanced students will also be allowed to open the computer up and learn what parts to point at for an even more dramatic effect.
Fourth Term: Advanced Seizure Techniques
- In some cases, the computer may be "on" or possibly have a "screensaver" running. This class will teach you the advanced techniques for getting the computer ready to be unplugged, lifted and taken a picture with. Graduates of this class applying things learned throughout the course have had much success in being able to seize a computer (successfully) for the local news channel.
Right, because when I think of cutting edge technology I think of Alabama!
...
"Did you find the files?"
"I don't even know what they loo-- What do they look like?"
"They're in the computer."
"They're in the computer?"
"Yeah, they're definitely in there. I don't know how he labeled them."
"I got it."
"You gotta figure it out. We're running out of time. You gotta find them and meet me at the show."
"Roger. In the computer. It's so simple."
"Oh, no."
"Down! (He smashes the computer) Where did all the files go?"
On the negative side, law enforcement has a pretty bad case of tunnel vision when it comes to looking for crime. Store any p0rn on the server and they'll sniff it out like bloodhounds. Evidence that friends of the current administration might be moving assets illegally to Dubai. Sorry, we didn't notice that.
Have gnu, will travel.
Really erasing a file takes a long time. The computer doesn't really erase memory either: when it's freed up it just marks the space as free, it doesn't zero it (does on allocation though). There's no good reason to have an erase by default option, and many good ones not to. Hell, Vista even takes it a step further and uses your free space for old versions backups. No surprise, there's people who make big money (NetApp) selling things like that as a feature.
If you want a secure deletion, well then install a tool to do it. MS provides a good one called sdelete and there's others out there.
Basically, most people don't want to wipe their data out, it just takes extra time and gives them no benefit. If you do, then you should be able to do the minimum amount of research necessary to get the tools you need and disable the backups you don't want.
Subtlety improves the quality of humor. So, yes, yours is more troll than funny.
Besides, banjo music is pretty funny in its own right.
//Information does not want to be free; it wants to breed.
The Secret Service is a very effective police agency, and they'll probably do a good job of it. On the other hand, the DHS runs the TSA and the immigration service and has an appalling civil rights record. I can only hope that the Secret Service prevails in the operations of the Institute.
Links
Secret Service press release (PDF)
DHS copy of press release (HTML)
This isn't really new... anyone that has read Sterling's "Hacker Crackdown" (http://www.mit.edu/hacker/hacker.html) will know about FCIC and FLETC and their role in giving some structure to the 80's/early 90's law enforcement personnel (mostly Secret Service). Actually, I'll go slightly offtopic - and only slightly, since the chapter "Law and Order" goes directly to the topic at hand - and recommend taking an hour to read the mentioned book, *tremendous* insight on the relation between law, technology and civil liberties. It's a detailed account about "Operation Sundevil", which most people know about as the taking down of LoD and Phrack, and the creation of the EFF. I remember the turmoil in the scene back then, and the book does a marvelous job on describing the hacker culture of the 80's.
I pity the fool who chose to work in computer forensics. 99% of standard law enforcement computer forensics is watching millions of images and movie clips of infants getting raped. Not my idea of a work environment suited for maintaining mental stability. If you wanna be an "anti-hacker superhero" then go work for the NSA. Outside NSA there really are only a few positions at the FBI, CIA and Secret Service that fit that description. Oh, and CTU Los Angeles.
SIG: TAKE OFF EVERY 'CAPTAIN'!!
Don't tread on me...
www.TakeArms.com
From a previous discussion of 'securely erasing a HD' ISTR that 'powerful' is an understatement. You pretty much need an MRI scanner to be sure your data is dead. Consumer-grade magnets won't do.