UK Police Want Magic 'This Computer Is Used By A Criminal' Alert Software

from the and-a-pony! dept

It seems that some folks in the UK police department are in their “wishful thinking” mode as we approach the holidays — and those wishes seem to include everything. Specifically, detective superintendent Charlie McMurdie is asking for a theoretical device that would basically tell police when they’re in the presence of a computer being used for criminal purposes, which he refers to as a “breathalyzer” for computer crimes:

“Do we need to seize five computers in a suspect’s house or could we use a simple tool to preview on site and identify there’s that one email we are looking for and we can then use that and interview the person now, rather then waiting six to 12 months for the evidence to come back to us?

“For example, look at breathalysers – I am not a scientist, I could not do a chemical test on somebody when they are arrested for drink driving but I have a tool that tells me when to bring somebody in.”

I mean, sure, it would be good to be able to do that… but how could you possibly develop an algorithm that would work that way. A breathalyzer works because you have one single (measurable) thing to measure: blood-alcohol levels. For crime, there’s simply no way to do something like that. Yes, it is a good idea for police to be able to do better computer forensics, and not have to wait forever for computer contents to be examined — but this seems like pure wishful thinking.

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “UK Police Want Magic 'This Computer Is Used By A Criminal' Alert Software”

Subscribe: RSS Leave a comment
48 Comments
Anonymous Coward says:

Re: Re: but honestly ...

“maybe the breathalyzer has been proven inaccurate from time to time …. but just try to imagine how many times they have been right. You cannot use the argument that just because it isn’t perfect that it is worthless … at least not about road-side alcohol testing.

here in America you’re innocent until proven guilty. If you put one person away who didn’t deserve it based on bogus breathalyser data, the system has failed. So, maybe you can use your argument in Britain, but not in the US. A voting machine that miscounts votes is worthless. A breathalyser that 99% of the time works everytime is worthless as well. Close only counts in horseshoes and hand grenades.

Strofcon says:

Re: Re: Re: but honestly ...

By your logic, we could never arrest anyone for any crime, regardless of the evidence. Even if you were to catch them committing a crime on film, it wouldn’t be sufficient to arrest them because it’s possible that a glitch in the operations of the camera could have altered details of the image such that it looked like the suspect, but was actually someone else.

You must never use any product, ever, because it doesn’t have a 100% success rate. You must have typed your asinine response on the most advanced piece of computing machinery in the universe, given that it obviously can’t fail – otherwise you’d have nothing to do with it.

mslade says:

This is clearly just...

A remark made by an uninformed person. She might be asking for the impossible, but she’s on the right track. I’m not in law enforcement so I don’t know what tools they currently have, but if they DON’T already have a tool for ‘profiling’ a computer quickly for suspicious activity, they need one. As long as it was presented as a tool that could easily have false positives, then this isn’t a bad idea.

The problem occurs if somebody makes a profile device and then says “This will tell you if there’s crime on a computer!”.

hegemon13 says:

Re: This is clearly just...

How would that possibly work. Everybody discussing Call of Duty tactics by email or IM would be flagged as a terrorist. Anyone talking about the cool stunt he pulled in GTA could be flagged as a criminal/murderer. Sorry, in most cases, this type of evidence is subjective and requires too much circumstantial evidence.

Ima Fish (profile) says:

Re: Re: This is clearly just...

How would that possibly work.

It could scan for credit card information. Certainly a list of credit card numbers would be suspicious.

It could scan for large numbers of MP3s and video files, which could indicate copyright infringement.

It could scan for cracks and keygens. Which again could indicate copyright infringement.

It could scan for mass mailing software, which could indicate spamming.

I could scan image files for high amounts of flesh colors which could indicate porn.

Anonymous Coward says:

Re: Re: Re: This is clearly just...

“How would that possibly work.”

“It could scan for credit card information. Certainly a list of credit card numbers would be suspicious.”
Unless you had a lot of credit cards and used a digital wallet program to keep up with them, or if you owned a small business with, say, consultants who had company cards and you wanted to keep the numbers on file.

“It could scan for large numbers of MP3s and video files, which could indicate copyright infringement.”
Unless you happend to be a DJ, or wedding videographer, or just someone who happens to have a large CD collection and prefers the convenience of the mp3 format.

“It could scan for cracks and keygens. Which again could indicate copyright infringement.”
Unless you happened to have purchased a video game with non-functional, draconian DRM for which the game publisher suggested that you download the crack so you could play your legally purchased game.

“It could scan for mass mailing software, which could indicate spamming.”
Unless you happen to be a marketer or even just a small business owner for whom these tools would be invaluable.

“I could scan image files for high amounts of flesh colors which could indicate porn.”
You could, but then you’d find all of my family photos taken in my living room where my wife painted the walls “Bare Essences”, which looks amazingly like nude flesh.

Honestly, the potential for false positives that would have to be more closely scrutinized makes any kind of tool like this useless and a waste of time.

Anonymous Coward says:

Re: Re: Re: This is clearly just...

Credit Card Numbers look like any other sort of number.

MP3s and Video files are used for legitimate reasons more often then illegal ones

Cracks and Keygens are programs, and hence very difficult to decode without running them. Other programs have similar outputs to Cracks and Keygens. That is to say ‘Legitamate copies’ and ‘Random number generators’

Mass mailing software… see same program problem

Image files with high amounts of flesh color? Since when was my faimly album with about 700 photos of my faimly illegal? Even if some of them are closeups of their faces?

Rob says:

Re: Re: Re: This is clearly just...

Scanning for large numbers of MP3s/digital music is nonsense in this day and age. I own all my music – to the tune of 170+ GB and 7000+ songs.

I’m sure most professional photographers would be pissed at the implication that large numbers of photos with “flesh colors” would be considered porn.

How about we go the other way and the police bugger off unles they have prior evidence of a crime being committed?

PaulT (profile) says:

Re: Re: Re: This is clearly just...

“It could scan for credit card information. Certainly a list of credit card numbers would be suspicious. “

How would you determine “credit card numbers”? Strings of 16 numbers? That could be anything, especially if the data is encrypted, and thieves could just as easily encrypt the data using non-numeric characters to bypass the filter.

“It could scan for large numbers of MP3s and video files, which could indicate copyright infringement. “

Or someone running a video production company. Or a DJ transferring his collection to a backup server. Or someone transferring CC-licenced material.

“It could scan for cracks and keygens. Which again could indicate copyright infringement. “

Or someone trying to bypass the stupid CD keys on his own legally purchased software. Not to mention, how would you quantify a “crack” or “keygen”? Filenames? Pirates will name them something else. Content? How do people determine which sequence of 0s and 1s constitutes such a thing?

“It could scan for mass mailing software, which could indicate spamming. “

Or companies running a legitimate mass mailing marketing campaign to opted-in subscribers.

“I could scan image files for high amounts of flesh colors which could indicate porn.”

Or someone with a lot of wedding, school or photos of other groups of people (and/or any legitimate glamour photographer you can think of). This has been tried with little success btw – slight old example here: http://www.dansdata.com/pornsweeper.htm, but there’s many other failures.

Basically, there’s no way of a system like this working without generating a huge amount of false positives while blocking massive amounts of legitimate usage.

Simon Lynch (user link) says:

Not too stupid

We spend a lot of time catching bad guys posting fradulent stuff on http://www.justlanded.com, and I am sure it would be possible for a tool to be created to scan a PC for bad stuff if it’s one the HDD without encryption – for fraud stuff, simple keyword stuff would be able to flag bad comms, for kiddie-porn looks for video files and do keyword stuff. It wouldn’t be tough to do and could be useful in a time-sensitive situations. Bad news is that this wouldn’t prove the PC was clean, so I guess if they don’t find anything they will cart it off anyway.

I would be more worried about the fact that plod finds it increasingly easy to get hold of someone’s PC in the first place.

Thom says:

already available

“A breathalyzer works because you have one single (measurable) thing to measure: blood-alcohol levels.”

Things have probably changed in the 20 years since I looked at the schematic for a breathalyzer, but at the time there were two things to measure. Breath-alcohol levels were one and, I believe, acetone was the other. It’s present in the breath of diabetics and absorbs some of the same wavelengths of light as alcohol and, coincidentally, the ones used to measure alcohol levels in breath.

On topic, the RIAA already has such software. The instant it detects that it’s been connected to a computer it alerts to the presence of a criminal, because everyone pirates music.

f2point8 says:

You're missing the point

“…tool to preview on site and identify there’s that one email we are looking for and we can then use that…”

It looks to me like a simple scan and compare this person is asking for. And sure it could go beyond that to find email replies in the same thread of email exchanges with the same address.

You guys a missing the point. The cop is not looking for miracles, just a portable drive scan program.

CJ says:

To play devil’s advocate here, it doesn’t sound like what’s being wished for is a magic scanner that says ‘hey, you committed a crime, now I’m going to arrest you,’ from the quoted material it sounds like what’s being said is ‘When we execute a warrant on someone’s home and there are 5 computers in a home, some of which might not even belong to the suspect, it would be nice if we could just quickly run a scan on the computers and see which ones have no evidence of criminal activity right there, so we don’t have to waste our time seizing them and having our forensic techs run them when they could be focusing on the ones that do pass a preliminary test for potential evidence of crime.’ Which to me doesn’t seem like that bad of an idea, after all we use luminol to look for blood to cut out just that square of carpet for testing rather than ripping up the entire carpet and taking it back to the lab so see if there might be some blood on it. You still have to find the legitimate evidence to make a case and have your warrants in order, but it could narrow how much evidence you have to sift through.

Of course whether something like this is possible, who knows, maybe someday if there was enough money invested in development. (Or if the UK has a lot of Bond villlians with powerpoint presentations called MyCriminalPlanForWorldDomination.ppt on their C drives, it might be closer than we think.)

O. Duh says:

Silly...

We’re ALL criminals… didn’t you hear… if you break any of a websites Terms of Service… you are guilty of computer hacking!

My website’s ToS involves you handing over your first born to me every full moon – but only if it’s a girl, she’s over 18 and very hot! Failure to meet any of those terms and you are a computer hacker!

Anonymous Coward says:

Not that hard.

From the quote above it sounds like what he’s looking for can already be done.. and done easily.
If he has a list of documents he wants to find, or suspects might be on a computer, a hash can be made of that file(s).
Then in 20 minutes each of those computers can be hashed on the spot(every individual file, not the hard drive as a whole), and any hashs that match your list of known files will pop up.

If that’s all he’s looking for, it’s already ont eh market, or could be with almost no extra work.

Anonymous Coward says:

Re: that hard

That’s not entirely true.. there are a number of of well tested tools which function on intact computer s that have been upheld in courts and properly peer tested. But in general, it does require the removal of the hard drive for any in depth analysis.

Plus it should be noted, that if the police find anything, it’s a given that they will seize and process every other computer as well. No cop will ever find one piece of evidence, and then call the search quits and leave. If a cop searchs your car and finds a crack pipe, you know they are going to tow that car to the station and tear it apart looking for anything else.

Deanb says:

One of my friends does Digital Forensic’s and he had pointed me out to a similar tool made by Microsoft for police forces.
If what I understand of it, it’s a USB dongle that’ll break through majority of password’s they’ve put on it, include encryption, and most handily copy over anything stored on the RAM, which obviously goes if they seize the computer.
Here’s the first link I came across – http://seattletimes.nwsource.com/html/microsoft/2004379751_msftlaw29.html

Jesse says:

The point the guys over at slashdot were making was this: don’t police officers need a warrant to look for something specific? If they bust into a house looking for drugs, and then do a scan of a computer, isn’t that sort of violating the search warrant? If today, you have to bring a computer in for forensics, then it is less likely that police will violate a warrant. But if they can do a quick scan, which indicates “maybe” criminal activity, then that can be classified as in plain site = violating warrant.

Seems like a shitty idea all around.

Michael (profile) says:

While they’re at it, they can try out these ideas…
1. They can put cameras in how homes.
2. Daily polygraph test.
3. Fit breathalysers / drug detectors to our cars.
4. Direct all internet traffic thro’ central filters.
5. Do away with the need for trials (the police know who is guilty – why waste money on lawyers and let criminals off the hook)
6. Mandatory prison time every 5 years just in case they miss something (use a suitably prot name like “peoples’ work camp”).

…Remember, if you’re innocent you’ve got nothing to hide. 🙂

zs450 says:

Wishful thinking

Wishful thinking is the way that innovation comes about.

Think about someone hundreds of years ago who would have wished to be able to get from Maryland to California in less than a month…. I’m sure they wished they could fly.

Yes, this seems like something on the verge of impossible but there are those people who make the impossible possible.

zs450 says:

Wishful thinking

Wishful thinking is the way that innovation comes about.

Think about someone hundreds of years ago who would have wished to be able to get from Maryland to California in less than a month…. I’m sure they wished they could fly.

Yes, this seems like something on the verge of impossible but there are those people who make the impossible possible.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...