Police in talks over pocket PC-crime detection tool
Police are in talks with companies about deploying a tool to detect evidence of illegal activity on PCs, aiming for it to be as easy to use as a breathalyser.
Officers in the Association of Chief Police Officers (Acpo) e-crime group are looking into commercial devices that can search text, pictures and computer code on a hard disc for material of interest.
Such 'digital triage' tools would allow police the flexibility to search for anything from text in emails relating to stolen goods to illegal images.
Forensic specialists within Acpo are examining how commercially available digital-triage tools can be adapted to develop the device, which they want to be as easy for frontline officers to use as a breathalyser.
Commercially available digital-triage tools targeted at law enforcement typically boot the target computer using a CD, which runs a forensically sound operating system to preserve the integrity of the data it holds for use in a criminal case. A separate program run from a USB drive will then search the disc for the material and extract it to the drive.
An Acpo spokeswoman told ZDNet UK's sister site, silicon.com: "[Acpo is] working with a commercial outlet to see what tools are available.There are quite specific objectives that they want to achieve and it is a case of discovering whether they need to rework something that is already in existence or develop a completely new tool."
The spokeswoman added: "If somebody is suspected of a certain form of activity they will be able to carry out a targeted search rather than having to look through every piece of data."
Currently, UK police forces have a backlog of hundreds of computers seized during criminal investigations. The backlog of seized machines, combined with modern drives which can hold terabytes of data, means that many forces will wait up to a year to analyse machines, Charlie McMurdie, head of the new Police Central e-Crime Unit, revealed last year.
Use of the tool could minimise the numbers of seized machines and help officers without digital forensics training to uncover evidence on a hard drive.
The continuing growth in the size modern hard drives means it is becoming increasingly important to speed up digital forensics, and the hope is that such devices will allow police to reduce the amount of work necessary to identify machines of interest to investigators.