Feeds

Plod punishes PC-reliant businesses

Innocent or not, you deserve to suffer

Top three mobile application threats

As police begin the tedious task of sifting through Tory frontbench spokesman Damien Green’s computer effects, politicians and professionals have expressed concern that computer investigations are becoming a source of serious injustice, in need of reform and regulation.

If you are suspected of an offence that involves the use of a PC, then at some point it is likely that the police will make a visit and remove the offending computer, or other gadget, for forensic examination.

The problem arises from the lack of standard procedures across the 43 police forces in England and Wales and an unwillingness to facilitate access to an individual’s data. Depending on resource levels, forces can take between three and 18 months to examine and return a PC. In some cases, where a trial is pending, they can take even longer.

Meanwhile, anyone whose work or business resides mainly on their PC – their address books, accounts, product information – must sit back and see their life put on hold. Individuals who are merely accused of a crime can suffer severe financial hardship or be bankrupted as the legal process grinds slowly on. Even where the police eventually decide there is “no case to answer”, lives can be ruined - yet the government appears uninterested in doing anything about the issue.

We contacted various bodies in an attempt to gauge the scale of the problem. While forensic experts agree that the number of PCs brought in for investigation is growing, year on year, neither the police nor the Home Office collect the figures. This leads, bizarrely, to some police forces cutting back on resources for investigating PCs at the very time when they need more.

In the absence of precise figures, industry experts estimated that between 80 per cent and 90 per cent of investigations involve the police looking for child porn. Other reasons include IP theft, fraud, terrorism or, rarely, breaches of the Official Secrets Act.

Equipment is then stored by the police, pending examination by both prosecution and defence experts. According to Simon Steggles, MD of DiskLabs, an organisation offering a commercial forensic service to either side in such cases, direct examination is carried out on clones of the hard drive, rather than the original hard drive, in order to preserve the evidentiary value of the data. He said: "We forensically 'image' data using various methods such as Encase or Forensic ToolKit software or Image MASSter SOLO 3 hardware copier, which is a faster option with a theoretical 3Gb per minute transfer rate, although we normally get around 800Mb per minute.

"We check the digital fingerprint – the MD5 Hash, or checksum – of every copy before removing it: if a single comma or full stop has changed, it will fail the 'fingerprint' test and we will start the process again."

In other words, standard procedure already allows for individuals to regain access to their data. However, several experts we have spoken to all confirm that this can be problematic, citing police attitudes and obstructiveness, as well as a failure by the courts and the legal system to understand the issues involved.

Chris Huhne MP, Home Affairs Spokesman for the Lib Dems, said: "In complex cases it is vital that the police have the technological capability to carry out thorough investigations and that suspects cannot tamper with the evidence. However, it seems unnecessarily punitive to stop people from accessing important personal or business information for as long as 18 months. A system needs to be created that serves the best interests of justice as well as individual needs." ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
US Supreme Court supremo rakes Aereo lawman in oral arguments
Antenna-array content streamers: 'Ruling against us could dissipate the cloud'
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.