.

[Article] UK police: 'We need crime breathalysers for PCs'

<<

Fathercat

Newbie
Newbie

Posts: 24

Joined: Wed May 07, 2008 9:23 am

Location: St Louis

Post Fri Dec 12, 2008 10:47 am

[Article] UK police: 'We need crime breathalysers for PCs'

UK police: 'We need crime breathalysers for PCs'

UK police are hoping to one day develop a breathalyser-style tool for computers that could instantly flag up illegal activity on any PC it's attached to.

Detective superintendent Charlie McMurdie, architect of the UK's Police Central E-crime Unit (PCeU), said frontline police ideally need a digital forensic tool as easy to use as the breathalyser, to help them deal with growing numbers of computers being seized during raids on suspects' homes.

McMurdie said such a tool could run on suspects' machines, identify illegal activity - such as credit card fraud or selling stolen goods online - and retrieve relevant evidence.

She told silicon.com: "Do we need to seize five computers in a suspect's house or could we use a simple tool to preview on site and identify there's that one email we are looking for and we can then use that and interview the person now, rather then waiting six to 12 months for the evidence to come back to us?

"For example, look at breathalysers - I am not a scientist, I could not do a chemical test on somebody when they are arrested for drink driving but I have a tool that tells me when to bring somebody in."

The eventual development of such a tool could help ease a backlog of digital forensic work that has officers waiting up to a year for evidence to be recovered from seized machines.

The tool is part of a package of measures envisaged by McMurdie as one day coming out of the £7m PCeU, which from spring next year will co-ordinate law enforcement of all online offences and lead national investigations into the most serious e-crime cases.

McMurdie also discussed the possibility of setting up a "central forensic server", where digital forensic experts from across the UK could log in and analyse whatever systems were plugged into it.

She described how it could help tackle corporate e-crime, saying: "Say one of the banks is attacked and we need to have a look at one of their hard drives: that bank would have something that they can plug their system in to and that connects to this central forensic server.

"Say there is a copper who is a forensic expert in Devon and Cornwall, he could hook into the central server and deal with it from Devon and Cornwall, rather than travelling up to London."

McMurdie said UK police have also been talking to the FBI and US Computer Emergency Readiness Team units about their use of remote searches of hard drives over the net.

PCeU leaders are also in talks with the Association of Chief Police Officers about setting up regional centres for e-crime training.


Found the article interesting...to the point of what behavior would the tool search for.  Hacking tools?  Reading Black Hat sites? 


CISSP
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Sat Dec 13, 2008 11:17 am

Re: [Article] UK police: 'We need crime breathalysers for PCs'

Fathercat,

I read the same article and came up with similar questions. Unfortunately given the latest UK laws on 'hacking tools' a device like this is going to get you flagged up for Nmap, nessus, metasploit etc. Hell, from the letter of the law telnet can be used for unauthorized systems access, so that's every default installation of XP failing the breathalyzer.

More importantly to me though, as it'll partly be my taxes that fund this scheme I hope it doesn't go to far. With the rate things are changing in this field, even the trained guys are struggling to keep. I think the UK police are trying to deal with a symptom and not the cause, if the spent the money developing enough trained guys (& gals) in the constabulary they might find they don't have a need for expensive gadgets.

Regardless, my days of trusting the UK government to get anything more technical than a paperclip right are long gone....
<<

Artful Dodger

Newbie
Newbie

Posts: 43

Joined: Tue Apr 29, 2008 8:58 am

Post Mon Dec 15, 2008 9:09 am

Re: [Article] UK police: 'We need crime breathalysers for PCs'

this is really interesting.  And I can understand the need.  But there is no way that a simple tool would work on a majority of the cases we work.  I like the idea, but it seems a little over simplistic.  A breathilyzer is very specific and has concrete rules.  I think it would be more like being at a crime scene and having tools to detect blood, seman, hari or other things and determine the dna.  From what I have dealt with over the last couple years, there arent a whole bunch of absolutes. 

Anyways, I am sure there is some logic that could flag things appropriately, but I doubt it would be 100% (or even 60%).  I think it would have to be on limited cases...like "is there CP on this machine".  Not fraud.

good idea, but seems over simplified. 
CISSP, C|HFI, Security+, Network+, XYZ...blah.
<<

Fathercat

Newbie
Newbie

Posts: 24

Joined: Wed May 07, 2008 9:23 am

Location: St Louis

Post Mon Dec 15, 2008 12:30 pm

Re: [Article] UK police: 'We need crime breathalysers for PCs'

I find it hard to get an AIO tool to determine if a computer was used in illegal activity.  Network admin tools can be used for good and bad.  Would they still have to determine "intent".  I agree with RoleReversal as government catches up with technology and determine laws to cover crimes with use of computers.  That they need to invest in training the personnel to keep up with the demand. 


CISSP

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software