A university in Australia is developing a Linux Live CD called SImPLE (I have no idea if that stand for anything or if it's a typo) that scans for illicit images on a computer. It never writes anything to the hard drive, so the evidence can be used in court, but they don't say how it scans for the images.
It's primary purpose is apparently to search for child porn, but I really cannot understand how it works. Does it scan video? Does it look for flesh tones? How does it tell the difference between "acceptable" porn and child porn? Does it scan internet history? Does it just look for file names?
The list of questions is miles long and leaves a lot of doubt in my mind. It sounds like a simple (no pun intended) tool for computer illiterate cops to do a quick scan of JPEGs and view any possible matches without any real training. I guess that's why they call it SImPLE? Even the name is terrible to type.
They're also considering a fraud version of the CD to search for financial documents. That seems to reinforce the idea that it searches for quick matches hoping to get lucky. This image version probably search for file names hoping the criminal is stupid and the fraud version will probably search for all Excel documents.
It doesn't even search deleted items.
Sounds like an overrated beginners forensics tool to me.
Source
No comments:
Post a Comment