First published January 2008
by James Hooker
I am rapidly approaching my final year of University, studying for a Forensic Computing degree, and like all students across the globe on a similar course, I am on a mission to find a project that will “wow” the forensic community and help land a great job. Browsing around several forums, blogs, pestering people for assistance, trying to come up with the golden goose of ideas is a daily occurrence for me. The problem isn’t that I’m lacking ideas, far from it – it’s that I have way too many! In an attempt to carve out a little niche subject for myself, I’ve been thinking about many applications where digital forensics may be used more in the future, and hoping that writing it down may provide a good read for those who like me, are new to the field, and may also be of interest to veteran investigators. Here are some of my thoughts:
Sky+/DVRs – DVR forensics is already a well established area, but it’s only a matter of time before your common house geek will realise that these Sky+ boxes that have invading our living rooms are actually little computers. Expect home brew Linux distros and root kits to be running on these machines.
Cell phones (“mobiles” to us Brits) – Cell phone forensics is one of those hot topics that has most likely been brought up at every conference and water cooler discussion in the last ten years. We carry these little computers everywhere with us, use them as cameras, email devices, talk to everyone with them and now even use them as GPS devices. I can only imagine how many crime cases could have been solved if the cost of analysing a cell phone was lower and less time consuming.
Vehicles – Having limited experience with real world cases, I have to rely a lot on reading ones that have been scattered around the internet. Let’s just say that in a court case, a car leasing company is suing a car manufacturer, making the accusation that software problems on the braking systems of certain cars in their fleet have caused fatal accidents, and the car manufacturer is denying any responsibility. Computer forensics specialists in the future could be called in to decompile and analyse the programmes that operate the braking systems in these cars, and determine if they were responsible in some way. Also, I saw a case online where a GPS was being analysed to determine a car’s position at a particular point in time. I can personally see that these types of cases will become more commonplace as computers and GPS devices are more often fitted as standard.
Appliances – Even our washing machines run on complex firmware these days, and if an insurance company has spotted a trend with a certain brand of washing machine leaking and ruining houses, forensic investigators could be called in to analyse the firmware to check if that could be the cause. What I’m trying to point out here is that even the least glamorous devices could be big work generators in the future.
Government work – Although the work may be a little less glamorous than the cool Mac based forensics of BBC’s Spooks, it is still very relevant and sought after. This type of work – including using different languages and various tracking techniques – is no longer limited to James Bond, but can also be relevant to corporate environments. Speaking to a few IT directors of high profile companies, phishing and other security breaches from abroad are becoming a real problem – so maybe picking up a second language would be a wise career move. I am currently trying to learn Mandarin and plan to learn Arabic in the future…and believe me, it isn’t easy!
Looking forward, I see my career in digital forensics being varied, and very rewarding. Not a lot of careers have a requirement for such a wide range of specialised knowledge and a knack for piecing together situations based on – literally – bits of evidence.
I’m still no closer to finding my dissertation subject…any suggestions welcome!
Email: me (at) jameshooker (dot) (com)