UK Police Want Plug-In Computer Crime Detectors
An anonymous reader writes "UK police are talking to private companies about using plug-in USB devices that can scour the hard drive of any device they are attached to, searching for evidence of illegal activity. The UK's Association of Chief Police Officers is considering using commercial devices that can perform targeted searches of text, pictures and computer code on hard drives, allowing untrained cops to detect anything from correspondence on stolen goods to child pornography. Police in the UK are desperate for a way of slashing the backlog of machines seized by the police in raids, with many forces having a backlog that will take a year to process." Maybe they shouldn't seize so many computers.
This should be easy to accomplish in the UK where citizens are required by law to turn over all their encryption keys or face jail time. It would be harder to make it work in the US, where people can use encryption. I suppose the Brits could employ TrueCrypt hidden volumes to keep their stuff private.
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
Now instead of having trained forensic experts, we'll have common beat cops searching your computer.
Attorney: How do you know he had illegal material on his computer?
Officer: I pushed the button, and the computer told me to arrest him.
Convert FLACs to a portable format with FlacSquisher
I think the UK Police got this idea while watching CSI.
Then there will be no problems with this technology!
That whole "innocent until proven guilty" thing is something that the Founding Fathers felt strongly about...having lived in England.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Then the cops wouldn't pick up any computers at all, which would be silly. I'd rather see compensation come out of the police budget if computers aren't turned over in a reasonable amount of time, similar to how US citizens technically have the right to "a speedy and public trial, by an impartial jury."
Why has no one pointed out that these devices are using security holes to gain access and that these holes are being or should be blocked on most OSes? It's probably just a matter of time before they will need a different ploy anyways.
A simple web-search turns up a ton of commercial solutions already.
Many companies already require USB security suites to be installed on all company computers.
In the meantime disabling drivers and locking down the policies required to re-enable (in Windows that is) might be one way.
"...allowing untrained cops to detect anything from correspondence on stolen goods to child pornography. Police in the UK are desperate for a way of slashing the backlog of machines seized by the police in raids..."
How about investing more into proper trained cops? How about better education? That might help a bit... together with "Maybe they shouldn't seize so many computers".
It's an unfortunate situation when cops are more afraid of not seizing a machine carrying illicit material, than they are afraid of seizing hundreds or thousands of machines containing nothing illegal, and taking forever to return them.
Who ever said that this technology was going to replace the officers doing the work right now? I could definitely imagine a system where low profile cases are automatically checked with this software and if anything is found it is flagged for review by an expert. High profile cases would, obviously, always be investigated by someone who knew what they were doing.
RTFS, says specifically "USB." And you know why? Simple. Netbooks. No CD drive. If they only used CDs, then any netbook would be immune, unless an external CD drive was hooked up, and since the point is to make it easy for untrained cops, that's not gonna work.
Either way, it's a massively stupid project on their part, and anyone with 20 minutes and a drive to not go to prison can find a way around it.
Canada: The US's more awesome sibling.
and taking forever to return them.
Who said anything about returning them?
Seven puppies were harmed during the making of this post.
You are all now living in The Village.
You have a choice.
You can be numbers, or you can be free men and women.
The choice is yours.
Choose wisely.
Guaranteed! This comment 100% Anthrax free!
That's the fault of the police for not keeping the evidence secure. You can't expect the suspects to be punished because they could well be innocent, after all there is no proof to the contrary.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
...all it takes is to load up some FM onto the USB device.
*FM = "Fucking Magic"
How about investing more into proper trained cops? How about better education?
Cops receiving official training as computer forensics are no longer simple beat cops - they are computer forensics experts and they should be treated and paid as such.
So, besides their police training they would probably require something equivalent to a BA/BS.
And even if there was enough time and money to educate and pay them later - system needs its beat cops too. Not just highly trained computer forensics.
What they would like to have is a "breathalyser-style tool for computers that could instantly flag up illegal activity on any PC it's attached to".
Which is delusional, even when you limit it to "a simple tool to preview on site and identify there's that one email [they] are looking for [so they] can then use that and interview the person now, rather than waiting six to 12 months for the evidence to come back" in cases such as "credit card fraud or selling stolen goods online".
Against stupidity the gods themselves contend in vain
You're missing the point of seizures... or at least one possible point. In a significant number of cases, they're actually not carried out because of a strict need but rather to harass.
This can be on many levels, too. Maybe it's just the low-level plod on a power trip that thinks he's gonna stick it to you for being a toffee-nosed git; maybe it's some higher-up that wants to get you into trouble (for your political views or actions, perhaps).
The point is, if an adversary knows that you have a TrueCrypt Hidden OS, then it's no more secure than a plain old TrueCrypt-encrypted partition.
Aye. But if your adversary *really* *strongly* *believes* that you have a TrueCrypt Hidden OS where one does not actually exist, they're gonna wander off on a very expensive and time consuming snipe hunt.
Most people would hand over the laptop because they believe they must obey the police. Handing over the computer would be construed as giving permission for the search so no warrant would be required.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Now if you are going to get down to the nitty gritty, how about reading the warranty 'er' end user licence agreement on the Windows operating system. You know the bit, where it says that they do not warrant the operating system is free of viruses (illegal content) when they sell it to you. Now the law wants to make every person 100% legally responsible for all the content on a computer when the operating system supplier will emphatically not take any responsibility for the security, stability or reliability for that software when they initially supply it to the consumer.
As it stands now, just the contents of a hard disk drive should never ever be considered the sole defining evidence of a person's innocence or guilt for any crime because only the most competent computer security experts are capable of keeping a computer secure and safe when connected to the internet and they must make continued efforts to keep it that way. So the law and the courts are turning a blind eye to the reality of the situation.
How many computer geeks out there actually believe that the typical computer using noob should be held legally liable for the activity of their computer, so when it is used in a botnet to commit credit card fraud should that family spend the next five years in jail for the crime they have committed for which they must now prove innocence? You can't even claim that there was no evidence of a virus, as the operating system warranty itself states that they may exist (benefit of the doubt) and of course a smart criminal will clean up any evidence that leads to them after using someone else's device in a major crime.
So the police hook up a device based upon using an operating system that does not warrant that it is free of viruses, to a suspect's PC, and claim that the device is now free of viruses when the manufacturer directly refutes that claim, so the police will try to claim they did not infect the suspect's machine and put the illegal content on that computer. At a very minimum I would hope they use publicly audited software, open source and not closed source proprietary software that the manufacturer believes already contains viruses as per their warranty and that includes the whole and complete evidence chain.
Chaos - everything, everywhere, everywhen