Feeds

Traces of Guilt: computer crime from the front line

Computer forensics dissected

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

Book review It's rare to read a book about computer security that captures the spills and thrills of hunting cyber-criminals.

Neil Barrett's Traces of Guilt conveys the intellectual excitement of the chase and sheds light on the real extent of computer crime and the use of computer evidence in a wide varietyof cases.

An ex-hacker in his youth, Barrett these days advises the police as well as working as a security consultant for major companies. He testifies regularly as an expert witness in criminal prosecutions, mostly appearing for the prosecution.

Barrett's book takes the reader into the world of the computer forensics and guides us through some of the high profile cases he's worked on - from Gary Glitter's conviction as a child porn-user through sundry cases of hacking to a brace of murder trials where computer evidence was key to the conviction or acquittal of suspects. The book outlines the evolution of computer forensics techniques: Barrett is particularly good at explaining how computer evidence has become an important aspect in investigating 'ordinary crimes'.

At times, Traces of Guilt reads like the script for an episode of CSI; and we get to understand the specifics of crimes committed and clues left by suspects, which he recovered.

PC procedural

The book contains 14 chapters, 12 of which deal with cases and investigations in which Barrett was involved. For example, one chapter explains how a murderer's water-tight alibi was broken through an investigation into the internal clock of a computer dispensing receipts at a chemist, which was an hour slow.

Not all of the cases Barrett writes about lead to criminal prosecutions. He was, for instance, involved in the discovery of a secondhand computer discarded from a high street bank contained the banking details of Sir Paul McCartney, including his account number, sort code and balance.

The role that computers play in crime - and in particular the detection and prosecution of crime - are central to the book.

Barrett is interested in relating the specifics of the investigations he has been involved in and from this we get a series of true-life detective stories. Connoisseurs of police procedural novels will enjoy Barrett's work.

Fear of a black hat

The book is written to be understood by the layman but network administrators will find much of value on within its covers, not least when Barrett discusses the step-by-step approach that crackers commonly take to break into systems. The book also devotes one chapter to social engineering.

Barrett is almost as good on the motives of hackers. Hacking, in his book, is seldom a random act and often geared towards a specific criminal objective.

The author reports in detail incidents where computer crime suspects used encryption to hide their tracks, and the battle of wits which ensued between hackers and computer experts. From the book we learn that the National Hi-Tech Crime Unit has access to GCHQ code breaking resources in cases involving national security or attacks on national infrastructure organisations, such as utilities.

No future

Computers do not destroy data when a user deletes it, therefore leaving evidence for investigators to locate.

Windows XP provides disk level encryption - which Barrett foresees will cause problems in the forensic examination of computers. He also discusses the difficulties in tracing criminals created by the introduction of wireless networking.

Barrett makes these points in a very short final chapter of just four pages. If the book has a fault it is a lack of an overview which ties together all the cases together and looks to the future. This is, perhaps, something for Barrett's next book.

Minor quibble aside, Traces of Guilt is a well-written study which lifts the lid on computer forensics, while avoiding sensationalism. The book benefits from Barrett's obvious enthusiasm for his work and down-to-earth perspective. His humour shines through. Anyone who is interested in computer forensics will enjoy the book.

Strongly recommended. ®

Traces of Guilt, by Neil Barrett
Bantam Press
Hardcover - 251 pages
Feb 2004 - £16.99

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.