Linux tool speeds up computer forensics for cops
The tool was developed by students from Edith Cowan University's School of Computing and Information Sciences and will help the Western Australian Police Computer Crime Squad process their forensic investigations.
Called Simple (for Simple Image Preview Live Environment), the software allows investigators to view and acquire forensic data at the scene of the crime without compromising the integrity of data as it is collected.
"It's a Linux Live CD that we have
The operating system has had some features removed so that investigators can view data
"We stripped out a large amount of functionality because we want to maintain the integrity of data collected, so we removed all network support and the ability to write to disk. Also, if for some reason a disk is writeable, the system will halt automatically," he added.
"Our software
The Simple tool searches the system for specific file types like MPEG or JPEG files, saving time on the often lengthy search process.
Hoping to achieve even greater automation during
The idea for the tool first came in 2006, when the Western Australian Police approached the university because its investigators could not keep up with the volume of computer forensic data requests, which relate mostly to child pornography and bestiality.
Normally police need to take the PCs back to the station to begin acquiring forensic data, but with this tool, according to Hannay, police will be able to collect the data on the spot.
Liam Tung of ZDNet Australia reported from Sydney.
©2007 CNET Networks, Inc. All rights reserved. CNET, CNET.com, and the CNET logo are registered trademarks of CNET Networks, Inc. Used by permission.