UK Cops Want "Breathalyzers" For PCs
An anonymous reader writes "One of the UK's top cyber cops, detective superintendent Charlie McMurdie, says the top brass want to develop the equivalent of a breathalyzer for computers, a simple tool that could be plugged into a machine during a raid and retrieve evidence of illegal activity. McMurdie said the device was needed because a record number of PCs were being seized by police and because the majority of cops don't have the skills to forensically analyse a computer."
So they want GOV spyware? They will still need people to look at the data.
That's pretty much like building a mind-reader to figure out if a person has ever committed a crime. Good luck with that.
There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
Won't that only work with alcohol cooled systems?
Steganography, encryption, log erasing, etc. There is no 'out of the box' solution. Every computer is going to require a computer forensics team to go over it unless the OS manufacturer builds in those tools. And you can guarantee that NO manufacturer wants people to know that anyone can just open up your system via a backdoor at any time.
This is my sig. There are many like it but this one is mine.
Because it's painfully clear you don't understand computer forensics either.
This space intentionally left blank
The next inevitable step for the UK gov't will be to outlaw using encryption on personal computers, because it's "too hard" to break.
This isn't a slippery slope for the UK anymore, it's a landslide, rushing down the mountain, annihilating everything in its way.
Sad.
Combine this with remote access software, and you don't even need to enter a person's home to scan their PC for files anymore. Forget all this pesky due process for warrants and investigation, we can now scan tens of thousands of computers every day and just fish idly for perps. All done without even needing to look at your screen while the software does the dirty work for you.
1) Hide a remotely detonatable explosive device in your computer
2) Write a script to automatically crawl 4chan's /b/
3) Be somewhere else when the party van arrives
4) KABOOM!
5) Nelson from the Simpsons would then usually say "ha-ha!" but he's locked up on child porn charges because he posted his own nudes on the internet.
Top brass also wants a date with Scarlett Johansson. And a pony for each officer on the force.
I figure the odds are about the same for each.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
There is going to be a large amount of demand for "Computer Forensics Specialist" in the near future. Too bad the majority of them are going to go to DeVry thinking they're going to learn everything they need to.
What next, a breathalyser for paedophiles? Murderers? Terrorists? Why do the UK police not use that money to train their people or hire new specialists instead of trying to build a perpetuum mobile? Any criminal worth spending this project's money on is savvy enough to fully encrypt his hard disk. If they are so dumb not to encrypt compromising data, any cop with a few hours of training could find it. So what is this project really aiming at?
Victims of 9/11: <3000. Traffic in the US: >30,000/y
Seems to me this would bring up all problems about probable cause. Just because there is a computer doesn't necessarily mean it's been used for anything illegal, and can't be investigated because of that. It's kind of like, if the cops have a warrant to search for marijuana, and they find a gun, they can't take the gun in as evidence and run it and find that it's the murder weapon in something unrelated. Their warrant is for the marijuana, and just because they find a gun doesn't mean it's anything sinister.
It costs too much money for the Police to pay quality IT Forensics folks. The police want a simple green, yellow, or red light that the police can follow, that is closed source and has its AI written by policy makers to decide what is legal or questionable.
There are no loopholes. It's either legal or it's not.
The scary thing about this is that it doesn't matter if it works right, it just matters if it gets certified and approved for use as what it claims it is. And that could just happen.
Power corrupts the few, while weakness corrupts the many.
I really think this is the same mentality that eventually comes to see individual rights and due process as pesky "inefficiencies" that only interfere with "real police work". They seriously need to tell new police recruits that their job is not easy and is not supposed to be easy. If any of them don't like that they should also be told where the exits are.
I think this is another example of relatively well-meaning people who fail to comprehend how dangerous their intentions are because they don't think them through. Let's say there is a device that can be plugged into a PC (maybe the USB port?) and almost instantly tell you whether it has illegal content with no need for expert analysis. Yeah I know that I should also posit the existence of the tooth fairy but bear with me. Who makes this device? How trustworthy are they? Do competitors or other rivals oddly happen to have a higher percentage of "illegal" PCs? Is the device a black box or can the average person examine and scrutinize it? If the cops already don't have the staff or the expertise to perform forensic analysis on PCs, what's our guarantee that they will correctly use this device or that they can offer any sort of assurance that the way it is used won't violate anyone's civil rights? What's to prevent criminals from obtaining one (by whatever means) and making sure that their illegal data isn't where this thing is looking? If I can think of this in a few minutes, WTF are these people smoking that they consider this a serious proposal? Or do they simply not care about these concerns?
You know what you'll probably never see? The police "top brass" asking for a device to help make sure that their officers don't violate anyone's civil rights and that they follow all the laws concerning due process.
It is a miracle that curiosity survives formal education. - Einstein
I'll just use a hot glue gun to seal up all of my usb ports and use ps/2 connectors for mouse and keyboard.
fuzz: HOLY SHIT! THIS GUY MUST BE SOME SORT OF UBER_HACKER!!!
me: Too fucking right. Now you piggies hurry on back to the donut shop or I'll make your cruiser drive you down to the gay district on autopilot with YMCA blaring from the radio. (holds hands up over head, makes "whoooooooooing" scary sound, wiggles fingers menacingly)
fuzz: BETTER TAKE HIM SERIOUSLY! HE COULD DO IT!!
me: Heh. Wankers.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
Usually, only the stupid ones get caught. Knowing to do what you have suggested, moves one out of the realm of stupid.
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
When I read the headline, I thought they literally meant a breathalyzer, to keep drunk people off PCs. I could probably use one, it would cut down on the drunk IMs and facebook posts.
well i *hic* thinkj tihs is a stipid idea, *hic* and sos ur mothar!1
Forget a tool for computers. We need a tool like this for physical crime scenes. You know: something that would, like, scan crime scenes and find, like, relevant DNA evidence and shit. It could even have an option where it would print out an arrest warrant with the name of the murderer on it.
Seriously, wanting something does not make it appear or even possible to exist. Most people have learned that by age 5. My take is that today it is not even possible to determine what illegal content is automatically, regardless of what amount of resources you throw at it. I believe that the AI problem would need to be solved first, and that has been eluding humanity for several decades now, to the point that it is still unclear today whether it will be solved ever.
The solution is of course simple: Decide how important this really is, and then throw the appropriate amount of money at hiring experts. Chances are this turns out to be basically a non-issue. The hard stuff (children harmed in production) is identifiable for cops as well. The soft stuff (music, films, games) is not relevant to continued prosperity of the human race and only gets this much attention because some people turned it into a goldmine. It does not have to be at all. I would expect that broadband Internet and large HDDs make significantly more profit than Hollywood and the music industry combined. And the artists? I do not see any problem there either. Go to a donation-model and the ones that are creative and good will still live well. The others are not of any importance anyways.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Her day job is architect of the UK's Police Central E-crime Unit, so it might be a bit late for that.
Having said that, I get the distinct impression from RTFA that this is pie-in-the-sky "this is the sort of tool we'd like in an ideal world, not that it's even remotely practical" rather than something that's in active development:
said frontline police ideally need a digital forensic tool as easy to use as the breathalyser, to help them deal with growing numbers of computers being seized during raids on suspects' homes
Yep, and I bet they'd like a machine which they can just turn on, punch in details of an unsolved crime and bingo! it tells you the perpetrator's name, address, telephone number, the car they drive, their plans for the next 48 hours and where sufficient evidence to obtain a conviction can be found. It's fairly obvious from the article that whatever qualifications this woman has, none of them involve technology.
"Reasonable suspicion" is the key phrase here.
If the cop stops you for running a red light and sees something suspicious then he can go further.
But stopping you for one thing does NOT give them the authority to check for everything they can think.
http://en.wikipedia.org/wiki/Reasonable_suspicion
I'm just waiting for the day when a botnet herder decides to find out the answer to the question of "what will the government do when *everyone* is a criminal?"... and malware sends a "care package" to 1,000,000+ computers, consisting of illegal content (child porn / whatever) - then reports the IP addresses to the authorities.
Really, what would the response be? Arrest EVERYONE? Admit that their laws/processes are idiotic? Prosecute a few "as examples" (thereby proving that although the law/process IS idiotic, they would rather sacrifice the principle of laws being applicable to everyone, than admit failure)?
Lawl CAPTCHA: "Uniforms".
the majority of cops don't have the skills to forensically analyse a computer
The majority of cops don't even have the skills to find my computer halfway up the old chimney ;P However, I'm looking forward to the day they have to work their way through my massive computer-cemetery ;->
0x or or snor perron?!
Okay, Sir. We'll just help you out by deleting all those pesky empty files and perform a wipe of your free space afterwards. This will recover all that space that you assure us has nothing of value in it. And then we'll check up on you every week or three just to ensure, mind you, that you don't have any of that pesky encryption stealing away your disc space any longer. It's just all part of the service.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
As other posters have noted, cyber fraud is hard to prove, since the evidence it leaves behind (data, transactions, account numbers) looks so much like legal commerce. It takes a lot of smart work by educated professionals to prove the difference.
Now you know one of the reasons that the police like drug laws so much: The key facts can be understood and collected by an officer with an IQ of 80 and just a couple months of training.
"We reject as false the choice between our safety and our ideals." --The American President (20.1.2009)
It was really enlightening for me when my camera was stolen, then recovered. The police, after receiving my permission to do so, thoroughly analyzed the pictures the (really stupid) thieves took of them committing other crimes, and the one I had direct contact with explained how they adjusted the incorrect timestamps from the pictures according to the incorrect time of the camera's clock (not rocket science, I know, but pretty decent deductive reasoning for a cop :-)
They correlated the corrected timestamps of the pictures with burglary reports, and they also went to the places in the pictures to inform victims who didn't yet know they had been robbed.
But what really impressed me about this was that they requested permission before searching my camera (especially since I was the victim and not a suspect.)
-fb Everything not expressly forbidden is now mandatory.
It's in the goddamn rfc, they HAVE to follow it. What are you, from Microsoft?
The first thing that occurs to me is that any appliance easy enough for a beat cop to use couldn't be very high-grade forensics. If there is a standard set of techniques used by the appliance, there will almost immediately (as soon as one is stolen) be a standard set of work-arounds. After which, only the profoundly stupid and/or set-up will ever be caught.
On the other hand, it occurs to me that the authorities only need the occasional high-profile arrest to keep funding going, so maybe it's a win-win for all -- the gov'ment gets credit for "cracking down on porn" and the hard cores have a known set of procedures to keep their stuff under cover.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Sure, unless they decide to search anyway and claim you consented.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Yes, generally anything that is encountered during the course of a lawful search (even if for something else) is admissible. Sure, cops can't go paw the drawer next to your bed looking for a stolen TV but the problem is how this is understood by the courts.
In particular this rule is understood to mean that if the police open your safe looking for a stolen laptop the papers inside would be admissible in court. In other words once the police have cause to look inside a container you own they can examine the contents at their leisure, they need not immediately cease looking the second it's apparent the subject of their warrant isn't present. Now if you had a locked jewelry box inside that safe they likely wouldn't be able to examine the contents if it was outside the scope of the original warrant but the problem is when you try to map this notion onto that of a computer.
In particular it turns out that case law so far has endorsed the idea that the computer is just one big container. Maybe things would be different if you had an encrypted volume on the computer but in general once they have reason to examine your computer for one thing they can examine everything.
In fact the standard practice in the US is to seize your computer and have their experts perform a low level clone of the disk the second they have any reason to search your computer. Moreover, since the 4th Amendment and past case law are grounded in the notions of physical searches and seizures there is no framework for restricting what they can use the HD clone for once it's been made (well privacy laws might prevent them from disclosing your cybersex logs but that's about it).
If you liked this thought maybe you would find my blog nice too:
And you're ALL Number 6.
Do you have the courage that Number 6 had? Will you fight back against Number 2?
Are you just "A number" or are you Free Men & Women?
The choice is yours.
Guaranteed! This comment 100% Anthrax free!
A lot of "common sense" powers have had to be denied to police, because they've proven themselves incapable of not abusing them. Every counter-intuitive restriction placed on government officials can be traced to an incident of abuse so horrific, that society opted to "tie the hands" of everyone rather than entrust anyone with that power any longer. Really, it takes quite a lot for anyone in government to advocate a limit on governmental powers.
The odds of an older IE install not having downloaded something illegal under British law are slimmer than the odds of a U.S. banknote not having minute traces of cocaine. Theoretically possible, highly improbable, and great for the police to abuse.
I was watching Cops (not a regular viewer but was being sociable) and saw a cop search a car claiming a "furtive gesture" as probable cause. I could hardly believe it, here was a guy who knew he was being filmed who apparently decided that showing his ability to get around the need for a warrant was going to be taken as a good thing by viewers. What sticks with me isn't the injustice of it all, it was that a potential jury of peers sitting around watching TV seemed to support the action.
B) Eliminate all the stupid users. This is frowned upon by society.
Personally, my respect for the law greatly diminished when I received a ticket that stated I'd turned left where prohibited by sign – at an intersection I'd driven straight through. In fact, I hadn't even entered that intersection when the cop turned his lights on.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Worth becoming a regular viewer. You can learn a lot about current manipulative tactics used by police. Just treat it as a real-time game - your job is to roleplay as the suspect, and call FAIL when the suspect makes the fatal mistake. You win when you call FAIL at the right time, and you lose when you think "Damn, that guy said what I woulda said!". After a few months of regular viewing, you can get pretty good at it. Think of it as survival training.
It's propaganda. If most of the jury pool watches the show without regarding it as a survival training scenario, the show's backers can change the popular conception of what constitutes probable cause. Knowing what the desired standard for probable cause is is the real benefit of watching the show. (It has changed over the years since the show started airing.)
(Correct response in the situation is to enter an "Am I under arrest?" "Am I being detained?" "Am I free to go?", and "I understand your position, but I respectfully disagree that you have probable cause, and I do not consent to a search." loop. If you're very lucky, you'll get a cop who's honest enough to stop before he illegally searches you. If he's an average honest cop, his illegal search will yield nothing, and no harm, no foul. Even a corrupt cop will be less likely to plant something, knowing that he's less likely to be able to use it as evidence.)