ITWales.com

Book review: Traces of Guilt

By Joanna Gooch

Traces of Guilt Publisher: Bantam Press
Published: February 2004
ISBN: 0593051866






Computer crime is a huge and far reaching topic which affects us all on a daily basis. How many of us bank online? How many people bank somewhere that doesn't use computers? The majority of us never really know who else is reading our e-mail, who is watching our online activities for whatever reason, how safe our business information is, and consequently, how on earth we can possibly sleep at night.

Luckily, computer crime is not an entirely unfathomable mystery. "Traces of Guilt" by Professor Neil Barrett takes the reader through a variety of computer crimes and the techniques used to catch the criminals, from 'old crimes' (old crimes using new technology like fraud or espionage) to 'new crimes' (such as viruses, hacking and 'cyber-stalking'). Reading this book left me glad that I'm not a systems administrator - and the only thing keeping me from sleeping at night was my inability to set it aside in favour of a good night's sleep.

Neil Barrett first came into the world of computer crime by hacking while at Nottingham University. Back then computers were big enough to fill entire rooms and a lot less of our world was controlled by them. For him, hacking was a hobby of curiosity rather than malicious intent.

After graduating in mathematics and computer science, Barrett went on to complete his PhD. He is currently the technical director and a founding member of IRM, an information security consultancy, and a professor of Computer Criminology at the Royal Military College of Science, Cranfield University. He helped the National Hi-Tech Crime Unit develop its policies on computer evidence handling and has appeared as an expert witness in court many times in addition to helping the police with crime investigations.

Traces of Guilt covers a wide spectrum of computer crime cases, although not all in detail. It also demonstrates the lateral thinking involved in solving computer related crimes. Though I am a technically minded person, there were still some scenarios where I would not have thought of looking to a computer for evidence. From a business point of view, Traces of Guilt provides a reminder time and time again of the importance of good security practice, and the costly mistakes that have been made by those who were unaware.

One of my favourite chapters concerns an ethical hacking exercise. Having given a talk on network security in the context of the information made available on business cards, Barrett was approached by an Australian with the chance to break into systems which he had been assured were secure, with just the information from a business card as a point of departure.

This exercise was a major make-or-break case for Barrett's Internet security consultancy. The chapter follows very carefully the steps taken by Barrett and his team as they work their way through the 'secure' systems of the multi-billion dollar offshore trading company. Although it was an obviously horrifying experience for the company itself, you can't help but smile as you read about the team's coffee-fuelled nights of worry as the deadline approached. In fact there were many points in the book where I found myself laughing out loud and then sheepishly trying to explain just why [insert any technical term here] was so funny without sounding like a total geek.

There are several references to pornography related crime, including Barrett's work in the infamous case of Paul Gadd, aka Gary Glitter. Refreshingly, in between the technical narrative Barrett takes some time out to describe how working on such cases affected him mentally and emotionally, and how when he had to examine evidence from a child pornography case for the first time, he began to worry not only for the safety of his own children but also that looking at such material might turn himself into a paedophile.

As an expert witness in cases it is Barrett's job to explain the technical material to a jury which may have no technical experience; without Barrett's input, such a jury may not always be able to determine whether the defendant is guilty or not. One such case dealt with a gruesome murder, where I found myself mentally hiding behind the sofa as the details unfurled. It is unlikely that the defendant's cast-iron alibi would have been disproved had it not been for Barrett's ingenuity.

The book makes clear how sometimes the law can be frustratingly inadequate when dealing with computer crimes. The Computer Missuse Act of 1990 is beginning to crack under the strain of the weight of new crimes which are no longer covered by its once expansive definitions. A close to home example of this is the case of Raphael Gray, a young hacker from West Wales who was arrested in March 2002 after gathering and publishing credit card details from unprotected web servers.

Some readers may remember him as the man who had Viagra delivered to Bill Gates, using his own credit card details for payment. Gray's defence didn't contest the accuracy of the evidence gathered against him, but rather that the Computer Missuse Act 1990 was not applicable. This served as a rather rude wake up call to a world where most companies do not prosecute hackers because they want to avoid bad publicity, let alone adding to the problems with classifying computer crime.

The narrative, as the case history is revealed, goes through several pace changes as the author moves between the telling of successful and non successful cases. Perhaps Barrett understandably injects greater enthusiasm into the details of cases that had a pleasant outcome, or maybe I'm just a sucker for happy endings.

The technical content was well explained, as you'd expect from an expert witness, although perhaps not entirely correct when simplified for non-technical readers. As a result, some of the passages can seem slightly repetitive but are necessary to ensure everyone gets a complete picture.

That said, the technical details are not the main theme of this book, so don't expect to find anything really deep or geeky. The chapters can be quite long and might have been better broken down into smaller chunks, in much the same way a BBC crime thriller is split over two nights. This could be seen as an advantage though, as once I picked the book up it took some serious bribery from my partner, when reading before bedtime, to put the book down and turn off the light.

Traces of Guilt provides an excellent walk through of human emotions and crime scenarios as Barrett deals with the mental and emotional issues of dealing with the dark and seedy underbelly of our bright new electronic future. A compelling read, definitely worth its RRP of £16.99.

About the Author

Joanna Gooch is studying for a Ph.D in Computer Science, having come to the University of Wales Swansea five years ago and forgotten to leave. She has a desk (probably) under a ton of papers that include undergraduate marking and diagrams of how to do backflips. In her spare time, she coaches the UWS Shadows, Swansea's cheerleading squad. Feedback may be directed via editor@itwales.com.




Home, Services, Events, Features, Interviews, Profiles, Reviews, News, Resources, Press