Hot Comments
- About time! (5 points, Informative) by sackvillian on Tuesday February 09, @09:50AM attached to Call For Scientific Research Code To Be Released
- Re:Be careful using the P2V tool. (5 points, Informative) by klocwerk on Tuesday February 09, @03:41PM attached to The Hidden Treasures of Sysinternals
- W.A.G. (5 points, Insightful) by ipb on Tuesday February 09, @01:17PM attached to How Do You Accurately Estimate Programming Time?
- Re:Surprise (5 points, Insightful) by Anonymous Coward on Tuesday February 09, @04:38PM attached to Microsoft Says Windows 7 Not Killing Batteries
- No problem (5 points, Insightful) by rastoboy29 on Wednesday February 10, @05:27AM attached to Appeals Court Rules On Internet Obscenity Standards
4734159
story
Comments: 382 +- Your Rights Online: UK Police Want Plug-In Computer Crime Detectors on Wednesday June 03 2009, @03:20PM
Posted
by
timothy
on Wednesday June 03 2009, @03:20PM
from the type-I-errors-type-II-errors-and-bonus-privacy-invasion dept.
from the type-I-errors-type-II-errors-and-bonus-privacy-invasion dept.
background: url(//a.fsdn.com/sd/topics/topicprivacy.gif); width:71px; height:53px;
privacy
background: url(//a.fsdn.com/sd/topics/topicgovt.gif); width:57px; height:80px;
government
background: url(//a.fsdn.com/sd/topics/topicsecurity.gif); width:59px; height:78px;
security
background: url(//a.fsdn.com/sd/topics/topichardware.gif); width:64px; height:55px;
hardware
background: url(//a.fsdn.com/sd/topics/topicnews.gif); width:60px; height:66px;
news
An anonymous reader writes "UK police are talking to private companies about using plug-in USB devices that can scour the hard drive of any device they are attached to, searching for evidence of illegal activity. The UK's Association of Chief Police Officers is considering using commercial devices that can perform targeted searches of text, pictures and computer code on hard drives, allowing untrained cops to detect anything from correspondence on stolen goods to child pornography. Police in the UK are desperate for a way of slashing the backlog of machines seized by the police in raids, with many forces having a backlog that will take a year to process." Maybe they shouldn't seize so many computers.
Related Stories
Submission: Police take step closer to crime breathalysers by Anonymous Coward
A great many people think they are thinking when they are merely
rearranging their prejudices.
-- William James
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2010 Geeknet, Inc.
First among other things... (Score:5, Funny)
this is probably something everybody should have, just to make sure they're in compliance.
Re:What about "extreeeeme" pr0n? (Score:4, Insightful)
Now if you are going to get down to the nitty gritty, how about reading the warranty 'er' end used licence agreement on the windows operating system. You know the bit, where it says that they do not warrant the operating system is free of viruses (illegal content) when they sell it to you. Now the law wants to make every person 100% legally responsible for all the content on a computer when the operating system supplier will emphatically not take any responsibility for the security, stability or reliability for that software when thy initially supply it to the consumer.
As it stands now, just the contents of a hard disk drive should never ever be considered the sole defining evidence of a persons innocence or guilt for any crime because only the most competent computer security experts are capable of keeping a computer secure and safe when connected to the internet and they must make continued efforts to keep it that way. So the law and the courts are turning a blind eye to the reality of the situation.
How many computer geeks out there actually believe that the typical computer using noob should be held legally liable for the activity of their computer, so when it is used in a botnet to commit credit card fraud should that family spend the next five years in jail for the crime they have committed for which they must now prove innocence. You can't even claim that there was no evidence of a virus, as the operating system warranty itself states that they may exist (benefit of the doubt) and of course a smart criminal will clean up any evidence that leads to them after using someone else's device in a major crime.
So the police hook up a device based upon using a operating system that does not warrant that it is free of viruses, to a suspects PC, and claim that the device is now free of viruses when the manufacturer directly refutes that claim, so the police will try to claim they did not infect the suspects machine and put the illegal content on that computer. A a very minimum I would hope they use publicly audited software, open source and not closed source proprietary software that the manufacturer believes already contains viruses as per their warranty and that includes the whole and complete evidence chain.
Parent
Should be easy in the UK. (Score:5, Insightful)
Cracking the 256-bit encryption is the easy part (Score:5, Funny)
The real problem is writing the OOXML parser.
Parent
Re:Should be easy in the UK. (Score:5, Funny)
We will wake up one day and find that keys to our doors only work from the outside.
I dunno about you, but my locks already only take keys on the outside. See, on the inside, I have this nice little knob I can use to lock the door without the key.
Parent
Re:Should be easy in the UK. (Score:5, Funny)
We will wake up one day and find that keys to our doors only work from the outside.
I dunno about you, but my locks already only take keys on the outside. See, on the inside, I have this nice little knob I can use to lock the door without the key.
mine has the knob on the outside, and the keyhole on the inside. it's like a hardware version of DRM.
Parent
Re:Should be easy in the UK. (Score:5, Funny)
Parent
Re:Should be easy in the UK. (Score:5, Interesting)
Any citizen who believes in human rights & the sovereignty of the individual should be willing to spend a little time in jail, rather than give the encryption key. A few days in jail is a small inconvenience compared to the return of tyranny that existed in the UK prior to 1800. You have the right to not be tortured into giving false confessions - this isn't the Medieval Ages or the Catholic Inquisition.
Remain strong; remain silent.
Parent
Re:Should be easy in the UK. (Score:5, Interesting)
Parent
Re:Should be easy in the UK. (Score:5, Informative)
A little time eh? Failure to surrender your encryption keys to the UK authorities will net you two years.
http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act [wikipedia.org]
And that's assuming that the act of trying to defend your individual sovreignty doesn't just make them trump up a whole bunch more charges to keep you out of the way for much longer since you're obviously in league with the terrorists/pedos/catholics.
Parent
Re:Should be easy in the UK. (Score:5, Funny)
Well, that's what they'll sentence you to. You won't do nearly that much time. Once they tell the other inmates you're a pedo, they'll kill you after a week, tops, with the guards looking on approvingly. You'll be out in no time!
Parent
Re:Should be easy in the UK. (Score:4, Informative)
"Whatever happened to "You have the right to remain silent . . ." "
I wasn't aware the Miranda decision [wikipedia.org] and the Bill of Rights [wikipedia.org] applied to the UK.
Parent
Re:Should be easy in the UK. (Score:5, Informative)
Parent
Re:Should be easy in the UK. (Score:4, Interesting)
When I see a cop, I suddenly become a deaf-mute. Anything you say, even something as simple as, "I don't own a gun and know nothing about a robbery," can be used against you.
Attorney: "When you arrested Mr. Smith did you notice anything odd?"
Cop: "Yes when I told him about the robbery he said he doesn't own a gun."
Attorney: "What's odd about that?"
Cop: "I never said the robber used a gun, and yet somehow Mr. Smith knew that intimate detail. That's why we decided to detain him and press charges as the most-likely suspect."
Attorney: "Any other incriminating evidence?"
Cop: "The store-owner identified Mr. Smith as visiting the store that evening, and acting in a suspicious manner. He was at the scene of the crime."
Attorney: "So Mr. Smith was at the scene of the crime, was aware of how the robbery was committed...with a gun... and acted in a suspicious manner."
Cop: "Yes."
Ooops. You might be completely innocent, and yet because you stupidly opened your mouth, now you're headed towards a probable conviction. Yay.
Parent
Re:Should be easy in the UK. (Score:5, Informative)
What happened was that out current Labour government jumped on board with the war on terror then got this bill through parliament without any real public debate about the contents under the guise of fighting terror. The vast majority of the British public have no idea this shite is on the books as the press all agreed not to cover the law in any depth before it was passed.
Maybe the bill was D-noticed but we will never know since the press are not allowed to mention what is D-noticed and what is not.
http://en.wikipedia.org/wiki/D-Notice [wikipedia.org]
Parent
Great... (Score:5, Insightful)
Now instead of having trained forensic experts, we'll have common beat cops searching your computer.
Attorney: How do you know he had illegal material on his computer?
Officer: I pushed the button, and the computer told me to arrest him.
Re:Great... (Score:5, Funny)
Officer: I pushed the button, and the computer told me to arrest him.
Pffft! You think too small, and will never take over the world.
Corrected version follows.
Attorney: How do you know he had illegal material on his computer?
Officer: The computer called us and informed on its owner.
Attorney: It called you?
Officer: Yeah. And so did yours. You still want to question me, Mr. 500Gig Chubby Porn Collection?
Parent
Re:Great... (Score:4, Insightful)
Attorney: Yeah I have chubby porn. It's not illegal or a crime. Are you in the habit of arresting citizens for violating non-existent laws? ...uh... ...uh... ...and have been reprimanded multiple times by your superiors. Could it be you searched my client's computer without provocation? .......
Officer:
Attorney: Your case history indicates you make many false arrests. Like this one: Arresting an elderly woman because she refused to let you enter her house. What have you to say to that?
Officer: She refused to comply with our request to enter.
Attorney: Ahhh you REQUEST to enter... so you didn't actually have a warrant..
Officer:
Attorney: But you decides to arrest her anyway. Wasn't she later freed?
Officer: Yes but...
Attorney: And here's another case where you broke into the wrong house and damaged the door.
Officer: It was an accident.
Attorney: Yes but you never replaced the door, forcing the innocent person to spend $500 in repairs. You have a long, long history of abuse against the residents...
Officer: Now see here!
Attorney:
Officer: I had a warrant.
Attorney: An *invalid* warrant. It's not signed by a judge, you never swore an oath, you just photocopied it and filled-in the details yourself. Isn't that true?
Officer: No!
Attorney: Remember you're under oath Officer Chiklas. This is clearly your handwriting, is it not?
Officer:
Attorney: Well?
Officer: Yes.
Attorney: Your eminence, I submit that this was an illegal search and seizure without a warrant and all evidence should be dismissed.
Parent
Re:Great... (Score:5, Informative)
Parent
Re:Great... (Score:5, Interesting)
Parent
Re:Great... (Score:5, Informative)
Parent
Re:Great... (Score:5, Insightful)
Not to mention that if you've published copyrighted material, they might get a false positive, indicating that you're infringing against yourself! ;)
Parent
Re:Great... (Score:4, Interesting)
Something like this happened to a friend of mine.
He owned a blog that he literally put up everything that happened in his life.
He added pages of an essay he was writing for History to his blog as he finished and edited them.
A few days after he turned in his paper he was asked to speak to the Dean where he was accused of plagiarism because Google turned up his blog (he uses a pseudo-name, and has google-analytics installed on his blog)
Took him a few meetings with the education board to prove that it was his blog and his own writing.
What a bitch, eh? The fact that the teacher merely typed it in Google and said "Good enough". He didn't bother to look for any pictures or any information that would hint that it was this particular persons blog.
Parent
Just one thing to say: (Score:5, Informative)
Re:Just one thing to say: (Score:4, Informative)
Parent
Urm? (Score:5, Interesting)
Hmm (Score:5, Insightful)
and the companion product.... (Score:5, Interesting)
Seth
Re: (Score:3, Interesting)
Just rewire your USB ports to run at 120v. And label it USB120 so you can point back at them for not reading when they try to charge you with damaging their equipment.
Encryption=suspicious? (Score:5, Interesting)
Re: (Score:3, Informative)
Re:Encryption=suspicious? (Score:4, Informative)
they don't - you have to prove that you've forgotten it O.o.
Yes, this is a bad law.
Parent
Re:Encryption=suspicious? (Score:4, Insightful)
That whole "innocent until proven guilty" thing is something that the Founding Fathers felt strongly about...having lived in England.
Parent
Oh geez! This is too easy! (Score:5, Funny)
If I understand the British government, they wouldn't have any problems with this approach either:
Let's build a live USB Linux load that knows how to read and write all known file systems including encrypted systems. Then we will write a few handy scripts that will scan for a fairly long list of known files using MD5sum or some such. Then, if it doesn't turn anything up, copy some child porn from the USB drive over to the target system and print out the arrest warrant.
Re:Oh geez! This is too easy! (Score:4, Interesting)
Parent
Microsoft already provides this (Score:5, Informative)
It's called COFEE [microsoft.com]
Cops got even got their own web portal courtesy of Microsoft.
Inspired! (Score:5, Informative)
Maybe they shouldn't seize so many computers.
As someone working in Digital Forensics in the UK I can honestly say that this is the most inspired piece of wisdom I have seen in a long time. Our company has literally had computers that haven't been switched on in a decade that have been sitting in a garage or attic until the cops decide to seize them. This is good for business but bad for taxpayer expenditure and the expedient discovery of data of evidential worth. The process for seizure of computer equipment in police investigations is essentially "if it has an on-off switch then seize it". There needs to be some training given to officers seizing although I doubt they will as they are scared of the first case of non-seized items containing illicit material.
Re:Inspired! (Score:4, Insightful)
Parent
O RLY? (Score:4, Interesting)
UK police are talking to private companies about using plug-in USB devices that can scour the hard drive of any device they are attached to
I've got a rackmount OpenBSD box that claims otherwise.
Why not.... (Score:4, Interesting)
How desperate are they? (Score:5, Insightful)
"...allowing untrained cops to detect anything from correspondence on stolen goods to child pornography. Police in the UK are desperate for a way of slashing the backlog of machines seized by the police in raids..."
How about investing more into proper trained cops? How about better education? That might help a bit... together with "Maybe they shouldn't seize so many computers".
Problem... (Score:4, Insightful)
How about investing more into proper trained cops? How about better education?
Cops receiving official training as computer forensics are no longer simple beat cops - they are computer forensics experts and they should be treated and paid as such.
So, besides their police training they would probably require something equivalent to a BA/BS.
And even if there was enough time and money to educate and pay them later - system needs its beat cops too. Not just highly trained computer forensics.
What they would like to have is a "breathalyser-style tool for computers that could instantly flag up illegal activity on any PC it's attached to".
Which is delusional, even when you limit it to "a simple tool to preview on site and identify there's that one email [they] are looking for [so they] can then use that and interview the person now, rather then waiting six to 12 months for the evidence to come back" in cases such as "credit card fraud or selling stolen goods online".
Parent
USB? (Score:4, Interesting)
How would a USB device get access to the host system's drives?
Surely that would require drivers to be loaded on the host...
Not only would this be very OS specific, but it could easily be defeated, you could configure the host to detect the insertion of this particular type of usb device and perform a secure overwrite of all your incriminating files when such a device is inserted.
UK cybercops demand magical digital snake-oil (Score:4, Informative)
UK police are asking for a "breathalyser"-style tool for computers that could instantly flag up illegal activity on any PC it is attached to [today.com].
Detective Superintendent Charlie McMurdie, who is what passes for a computer expert in the police force, said such a tool could run on suspects' machines, instantly read and analyse their email, web browsing and chat logs, identify credit card fraud or selling stolen goods online, reliably detect and assess images containing children on the five-level child porn scale and create a handy log of relevant evidence. And a pony.
"It's surely just a simple matter of programming," said McMurdie. "We're seizing so many computers from people with a copy of Virgin Killer that frontline police need a digital forensic tool as easy to use as the breathalyser, to magically flash up 'HONEST UPSTANDING CITIZEN' or ''E'S A NONCE, GUV'. Do we need to seize five computers, all their mobile phones, their CD and DVD collection and basically everything that runs on electricity, or could we use a magical police gadget with impressive flashy lights and stuff? I thought computers were supposed to make life easier!"
The eventual development of such a tool could help ease a backlog of digital forensic work that has officers waiting up to a year for evidence to be recovered from seized machines, though threatening to destroy people's livelihoods has proven very efficient in extracting confessions.
EDS Capita Goatse have promised they can "absolutely, definitely, certainly, probably" produce such a tool with only an ironclad GBP100m five year contract, and also reliably determine whether a computer program halts or not. The Internet Watch Foundation also demanded to be involved, and were told their details would be kept on file.
"It was so much simpler in the old days," sighed McMurdie. "People asking you what time it was, burglars with domino masks and striped jumpers and bags marked 'SWAG,' chirpy Cockney sparrow second-hand car dealers wiv a heart of gold ... you just can't get the wood, you know."
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Who ever said that this technology was going to replace the officers doing the work right now? I could definately imagine a system where low profile cases are automatically checked with this software and if anything is found it is flagged for review by an expert. High profile cases would, obviously, always be investigated by someone who knew what they were doing.
Re:Perfectly Legitimate (Score:5, Interesting)
One is write blocking. To prevent corruption, tampering, and similar issues, it is good practice to use a hardware write blocker and, where possible, work from a disk image made from the original disk through a write blocker. A USB bootable system is not going to have that level of assurance. In a lot of cases, cops will have to monkey with the BIOS to get it to boot the USB drive and, with the vast number of BIOSes, chipsets, hardware RAID boards, softRAID crap, etc, etc. out there, trusting software to prevent tampering or corruption seems potentially troublesome.
More generally, the demand for a "PC breathalyzer" is a demand that a difficult problem be made trivial so it can be done by unskilled or ignorant people. That sort of demand is rarely a harbinger of future quality, which is disquieting when people's freedoms are potentially at stake.
Parent
Re:A year? (Score:4, Insightful)
Parent
Re:A year? (Score:4, Informative)
Interesting little side story to this.. A co-worker's daughter had her purse stolen at college. The perp used her bank card to buy gasoline and make online purchases. They were traced and the person was caught. The local sheriff seized the perp's computer as evidence.
Where it gets interesting is that we had a MAJOR flood last year that flooded the sheriff's office. All of the evidence on hand was destroyed in the flood, and the cases the relied on the evidence had to be thrown out. To add insult to injury, they had to replace all the evidence that was destroyed. The perp ended up getting charged with nothing, and got a brand new computer out of the deal.
Needless to say, my co-worker was not happy!
Parent
Re: (Score:3, Informative)