Traces of Guilt: computer crime from the front line

Computer forensics dissected

Book review It's rare to read a book about computer security that captures the spills and thrills of hunting cyber-criminals.

Neil Barrett's Traces of Guilt conveys the intellectual excitement of the chase and sheds light on the real extent of computer crime and the use of computer evidence in a wide varietyof cases.

An ex-hacker in his youth, Barrett these days advises the police as well as working as a security consultant for major companies. He testifies regularly as an expert witness in criminal prosecutions, mostly appearing for the prosecution.

Barrett's book takes the reader into the world of the computer forensics and guides us through some of the high profile cases he's worked on - from Gary Glitter's conviction as a child porn-user through sundry cases of hacking to a brace of murder trials where computer evidence was key to the conviction or acquittal of suspects. The book outlines the evolution of computer forensics techniques: Barrett is particularly good at explaining how computer evidence has become an important aspect in investigating 'ordinary crimes'.

At times, Traces of Guilt reads like the script for an episode of CSI; and we get to understand the specifics of crimes committed and clues left by suspects, which he recovered.

PC procedural

The book contains 14 chapters, 12 of which deal with cases and investigations in which Barrett was involved. For example, one chapter explains how a murderer's water-tight alibi was broken through an investigation into the internal clock of a computer dispensing receipts at a chemist, which was an hour slow.

Not all of the cases Barrett writes about lead to criminal prosecutions. He was, for instance, involved in the discovery of a secondhand computer discarded from a high street bank contained the banking details of Sir Paul McCartney, including his account number, sort code and balance.

The role that computers play in crime - and in particular the detection and prosecution of crime - are central to the book.

Barrett is interested in relating the specifics of the investigations he has been involved in and from this we get a series of true-life detective stories. Connoisseurs of police procedural novels will enjoy Barrett's work.

Fear of a black hat

The book is written to be understood by the layman but network administrators will find much of value on within its covers, not least when Barrett discusses the step-by-step approach that crackers commonly take to break into systems. The book also devotes one chapter to social engineering.

Barrett is almost as good on the motives of hackers. Hacking, in his book, is seldom a random act and often geared towards a specific criminal objective.

The author reports in detail incidents where computer crime suspects used encryption to hide their tracks, and the battle of wits which ensued between hackers and computer experts. From the book we learn that the National Hi-Tech Crime Unit has access to GCHQ code breaking resources in cases involving national security or attacks on national infrastructure organisations, such as utilities.

No future

Computers do not destroy data when a user deletes it, therefore leaving evidence for investigators to locate.

Windows XP provides disk level encryption - which Barrett foresees will cause problems in the forensic examination of computers. He also discusses the difficulties in tracing criminals created by the introduction of wireless networking.

Barrett makes these points in a very short final chapter of just four pages. If the book has a fault it is a lack of an overview which ties together all the cases together and looks to the future. This is, perhaps, something for Barrett's next book.

Minor quibble aside, Traces of Guilt is a well-written study which lifts the lid on computer forensics, while avoiding sensationalism. The book benefits from Barrett's obvious enthusiasm for his work and down-to-earth perspective. His humour shines through. Anyone who is interested in computer forensics will enjoy the book.

Strongly recommended. ®

Traces of Guilt, by Neil Barrett
Bantam Press
Hardcover - 251 pages
Feb 2004 - £16.99

Sponsored: Designing and building an open ITOA architecture