Feeds

Traces of Guilt: computer crime from the front line

Computer forensics dissected

  • alert
  • submit to reddit

Using blade systems to cut costs and sharpen efficiencies

Book review It's rare to read a book about computer security that captures the spills and thrills of hunting cyber-criminals.

Neil Barrett's Traces of Guilt conveys the intellectual excitement of the chase and sheds light on the real extent of computer crime and the use of computer evidence in a wide varietyof cases.

An ex-hacker in his youth, Barrett these days advises the police as well as working as a security consultant for major companies. He testifies regularly as an expert witness in criminal prosecutions, mostly appearing for the prosecution.

Barrett's book takes the reader into the world of the computer forensics and guides us through some of the high profile cases he's worked on - from Gary Glitter's conviction as a child porn-user through sundry cases of hacking to a brace of murder trials where computer evidence was key to the conviction or acquittal of suspects. The book outlines the evolution of computer forensics techniques: Barrett is particularly good at explaining how computer evidence has become an important aspect in investigating 'ordinary crimes'.

At times, Traces of Guilt reads like the script for an episode of CSI; and we get to understand the specifics of crimes committed and clues left by suspects, which he recovered.

PC procedural

The book contains 14 chapters, 12 of which deal with cases and investigations in which Barrett was involved. For example, one chapter explains how a murderer's water-tight alibi was broken through an investigation into the internal clock of a computer dispensing receipts at a chemist, which was an hour slow.

Not all of the cases Barrett writes about lead to criminal prosecutions. He was, for instance, involved in the discovery of a secondhand computer discarded from a high street bank contained the banking details of Sir Paul McCartney, including his account number, sort code and balance.

The role that computers play in crime - and in particular the detection and prosecution of crime - are central to the book.

Barrett is interested in relating the specifics of the investigations he has been involved in and from this we get a series of true-life detective stories. Connoisseurs of police procedural novels will enjoy Barrett's work.

Fear of a black hat

The book is written to be understood by the layman but network administrators will find much of value on within its covers, not least when Barrett discusses the step-by-step approach that crackers commonly take to break into systems. The book also devotes one chapter to social engineering.

Barrett is almost as good on the motives of hackers. Hacking, in his book, is seldom a random act and often geared towards a specific criminal objective.

The author reports in detail incidents where computer crime suspects used encryption to hide their tracks, and the battle of wits which ensued between hackers and computer experts. From the book we learn that the National Hi-Tech Crime Unit has access to GCHQ code breaking resources in cases involving national security or attacks on national infrastructure organisations, such as utilities.

No future

Computers do not destroy data when a user deletes it, therefore leaving evidence for investigators to locate.

Windows XP provides disk level encryption - which Barrett foresees will cause problems in the forensic examination of computers. He also discusses the difficulties in tracing criminals created by the introduction of wireless networking.

Barrett makes these points in a very short final chapter of just four pages. If the book has a fault it is a lack of an overview which ties together all the cases together and looks to the future. This is, perhaps, something for Barrett's next book.

Minor quibble aside, Traces of Guilt is a well-written study which lifts the lid on computer forensics, while avoiding sensationalism. The book benefits from Barrett's obvious enthusiasm for his work and down-to-earth perspective. His humour shines through. Anyone who is interested in computer forensics will enjoy the book.

Strongly recommended. ®

Traces of Guilt, by Neil Barrett
Bantam Press
Hardcover - 251 pages
Feb 2004 - £16.99

The smart choice: opportunity from uncertainty

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.