Feeds

Traces of Guilt: computer crime from the front line

Computer forensics dissected

  • alert
  • submit to reddit

SANS - Survey on application security programs

Book review It's rare to read a book about computer security that captures the spills and thrills of hunting cyber-criminals.

Neil Barrett's Traces of Guilt conveys the intellectual excitement of the chase and sheds light on the real extent of computer crime and the use of computer evidence in a wide varietyof cases.

An ex-hacker in his youth, Barrett these days advises the police as well as working as a security consultant for major companies. He testifies regularly as an expert witness in criminal prosecutions, mostly appearing for the prosecution.

Barrett's book takes the reader into the world of the computer forensics and guides us through some of the high profile cases he's worked on - from Gary Glitter's conviction as a child porn-user through sundry cases of hacking to a brace of murder trials where computer evidence was key to the conviction or acquittal of suspects. The book outlines the evolution of computer forensics techniques: Barrett is particularly good at explaining how computer evidence has become an important aspect in investigating 'ordinary crimes'.

At times, Traces of Guilt reads like the script for an episode of CSI; and we get to understand the specifics of crimes committed and clues left by suspects, which he recovered.

PC procedural

The book contains 14 chapters, 12 of which deal with cases and investigations in which Barrett was involved. For example, one chapter explains how a murderer's water-tight alibi was broken through an investigation into the internal clock of a computer dispensing receipts at a chemist, which was an hour slow.

Not all of the cases Barrett writes about lead to criminal prosecutions. He was, for instance, involved in the discovery of a secondhand computer discarded from a high street bank contained the banking details of Sir Paul McCartney, including his account number, sort code and balance.

The role that computers play in crime - and in particular the detection and prosecution of crime - are central to the book.

Barrett is interested in relating the specifics of the investigations he has been involved in and from this we get a series of true-life detective stories. Connoisseurs of police procedural novels will enjoy Barrett's work.

Fear of a black hat

The book is written to be understood by the layman but network administrators will find much of value on within its covers, not least when Barrett discusses the step-by-step approach that crackers commonly take to break into systems. The book also devotes one chapter to social engineering.

Barrett is almost as good on the motives of hackers. Hacking, in his book, is seldom a random act and often geared towards a specific criminal objective.

The author reports in detail incidents where computer crime suspects used encryption to hide their tracks, and the battle of wits which ensued between hackers and computer experts. From the book we learn that the National Hi-Tech Crime Unit has access to GCHQ code breaking resources in cases involving national security or attacks on national infrastructure organisations, such as utilities.

No future

Computers do not destroy data when a user deletes it, therefore leaving evidence for investigators to locate.

Windows XP provides disk level encryption - which Barrett foresees will cause problems in the forensic examination of computers. He also discusses the difficulties in tracing criminals created by the introduction of wireless networking.

Barrett makes these points in a very short final chapter of just four pages. If the book has a fault it is a lack of an overview which ties together all the cases together and looks to the future. This is, perhaps, something for Barrett's next book.

Minor quibble aside, Traces of Guilt is a well-written study which lifts the lid on computer forensics, while avoiding sensationalism. The book benefits from Barrett's obvious enthusiasm for his work and down-to-earth perspective. His humour shines through. Anyone who is interested in computer forensics will enjoy the book.

Strongly recommended. ®

Traces of Guilt, by Neil Barrett
Bantam Press
Hardcover - 251 pages
Feb 2004 - £16.99

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.