Future Crime

In Reference to Murder is a great resource of links to other crime related sites.  Organized by crime type.

Check out this interesting video of a virtual reality police line up. the system was developed at Stanford’s Virtual Human Interaction Lab and depicts several interesting concepts employing virtual reality to improve the line up process. The VHIL’s research was performed in collaboration with the Research Center for Virtual Environments and Behavior, the National Science Foundation, and the Federal Judicial Center. the goal of the work is to apply virtual environments to deepend understanding of how witnesses of crimes identify suspects.

The eyewitness observes the suspects through viewing a virtual environment delivered to a head mounted display, although I can see no reason why a similar set of functionality could not be delivered to a screen based system. This allows the eyewitness to potentially be at a remote or distant location from the suspects, who need not even all be present at one location themselves.

The use of a 3D interactive environment also makes it is possible for an eyewitness to not only to see the individuals in the line up from the front, but also to “fly around” them and view them from different angles or even from just inches away.

This also makes it possible to place the line up in a different virtual location, perhaps into a scene similar to where the crime was committed.

Unfortunately, the virtual line up as implemented suffers from several weaknesses. First, the current implementation uses digital “busts” glued onto representative bodies. While this approach allows for the creation of digital “foils”, simulated persons similar in appearance to a true suspect, it also means that facial motion can not be presented. This representation can be misleading also because the body shape, stature, and clothing may not be accurate representations of the suspects’ true appearance. It also limits the ability to employ realistic representations of distinguishing marks not found on the face, i.e. tattoos and scars.

Second, as implemented, the virtual busts have no ability to be animated in real-time. Facial motion is known to be an important cue in facial recognition and this work ignores some of the well known results in the study of human face and person recognition abilities here. Finally, the avatar body motions are completely fake eliminating the use of any cues related to body motion, gait, etc. which have also been shown to aid recognition.

Unfortunately these limitations of the head mounted virtual reality based line up are likely to prevent its use in any real world line ups. A better approach would seem to be using blue/green screen video based capture of real suspect images possibly from multiple cameras, and image based rendering to generate the virtual face views. See for example this research and the research at the Fraunhofer Institute into image based rendering of faces for virtual conferencing.

A podcast of an interview with Dr Charles Palmer of IBM on cybercrime.

From the IBM investor relations area.

According to WCBS, a woman in Westchester NY was not only able to locate her stolen laptop on the Internet but also was able to remotely photograph the thieves using the laptop’s internal web camera.  The perpetrators were caught as a result.  Apparently a friend of the laptop’s owner noticed that the stolen machine was online, and notified the true owner who was able to use Back to My Mac to take control of her Mac over the Internet to obtain the pictures.  Future criminals and crime fighters take note.

Horses are valuable and stealing horses is a big business. “EDNA Test” is now offering Equine CODIS, based upon the same process as the FBI’s human own CODIS system which is used for human DNA analysis. CODIS stands for Combined DNA Information Systems. The CODIS software enables State, local, and national law enforcement crime laboratories to compare DNA profiles electronically. Horses don’t have fingerprints and therefore DNA is the most accurate available method for horse identification. Implanted microchips have potential health risks, and along with tattoos or brands can be altered or removed. Reference http://www.pr-usa.net/index2.php?option=com_content&do_pdf=1&id=103090

It has been revealed that Microsoft has developed a tool which will enable forensic investigators to easily gather digital evidence after a crime has been committed. The COFEE is a USB device that reportedly supports 150 commands that can dramatically cut the time it takes to gather digital evidence including decrypting passwords analyzing Internet activity, and all data stored in the computer. Apparently the device has been available to the law enforcement community since June 2007, although there have not to my knowledge been any previous public revelations of its use. Microsoft’s Tim Cranton describes COFEE as “a preconfigured, automated tool” that “fits on a USB thumb drive. Prior to COFEE the equivalent work would require a computer forensics expert to enter 150 complex commands manually through a process that could take three to four hours. With COFEE, you simply plug into a running computer to extract the data with the click of one button –completing the work in about 20 minutes.” Cranton states that more than 2,000 law enforcement officers have registered for COFEE and the tool is used in over 15 countries.

The IMO not very surprising revelation of COFEE hit the blogosphere today during Microsoft’s 2nd Annual Law Enforcement technology Conference an event especially for law enforcement officials which is being attended by 400 individuals from more than 80 agencies in 35 countries around the world.

COFEE is only one aspect of Microsoft’s anti-cybercrime efforts. Cranton also described the role of the Internet Safety Enforcement Team and organization founded in 2002 as making “the Internet safer and more secure for everyone. ” Although Cranton didn’t go into any further detail of what this organization actually does on a day to day basis, he does reveal that the ISET consists of “35 professionals around the globe including former prosecutors, investigators, software engineers and business professionals whose full-time job is to make the Internet a safer place.”

This seems to be somewhat at odds with Aaron Kornblum’s previous revelations about ISET which described the organization as “a worldwide group of 65 attorneys, investigators, and other professionals” but whatever the size of the organization it appears their primary work is to aid law enforcement with technical investigations. ISET aided the FBI in gathering evidence against convicted phisher Jayson Harris who was operating “a phishing scheme by creating a bogus MSN billing website and then sending e-mails to MSN customers requesting that they visit the website and update their accounts by providing credit card account numbers and other personal information. “

The work of Peter Fifka, an ISET investigator was documented in an enjoyable 2003 article entitled Gumshoe chases Internet villains in Eastern Europe ISET also targets spammers and the creators of viruses and worms. Some are sure to question Microsoft’s motives and wonder about their influence over investigations conducted by the law enforcement community.

The Justice Department says the company doesn’t influence its investigations. Microsoft is not “driving law enforcement’s priorities,” according to Christopher Painter, deputy chief of the department’s Computer Crime Section, but given the fact that Microsoft appears to initiate at least some of the investigations conducted by ISET questions are likely to remain.

[Update: According to this article, COFEE was developed by Anthony Fung, a senior investigator on Microsoft's Internet Safety Enforcement Team.  Some additional interesting speculation about COFEE here ]

I’ve been so busy fighting crime that I haven’t had much time to post. But I’m back and ready to start posting again!

WIRED reports on another ATM manufacturer that printed the default master passwords to their ATM machines directly in their user manuals.  Future Crime readers will recall that I previously reported on a similar issue with the Tranax ATM. 

 Of course the ATM users could change these passwords, but since the machine does not require them to do so, many simply don’t.  As is so often the case, good security starts with common sense, thinking about the problem from the user’s perspective, and a little bit of thoughful design.  It seems Triton could use some help in this area.

This is a somewhat comical true story of some rather clueless criminals in Denver that used WD-40 to “obscure” surveillance cameras and couldn’t open a few safes even though they apparently had the combinations.  Getting a bit creative these obvious amateurs were able to use Google to search for “how to open a safe” and “how to crack a safe.”  With this information they were able to quickly figure out how to open the safes and got away with $12,000.

 It is not difficult to find information that might be useful in the commision of crimes using Google.  For example one can learn to escape from handcuffs or pick a lock, although obviously these skills still do require some practice.  I’ve previously written about the possibility of using Google Calendar to determine both a target and the timing of a crime.  A similar story recently was reported by the Washington Post and made its way around the blogosphere as well.

WIRED has a very detailed and interesting article today detailing the use of spyware by the FBI to catch a teen “prankster” that was behind bomb threats at a Washington High School.

 In the sidebar, the article includes a somewhat terse description of the systems capabilities:

 The full capabilities of the FBI’s “computer and internet protocol address verifier” are closely guarded secrets, but here’s some of the data the malware collects from a computer immediately after infiltrating it, according to a bureau affidavit acquired by Wired News.

• IP address
• MAC address of ethernet cards
• A list of open TCP and UDP ports
• A list of running programs
• The operating system type, version and serial number
• The default internet browser and version
• The registered user of the operating system, and registered company name, if any
• The current logged-in user name
• The last visited URL

Once that data is gathered, the CIPAV begins secretly monitoring the computer’s internet use, logging every IP address to which the machine connects.

All that information is sent over the internet to an FBI computer in Virginia, likely located at the FBI’s technical laboratory in Quantico.