Police, penguin join forces on forensics

Australian federal and state law enforcement agencies have introduced the Linux platform as a new crime-fighting tool, with the New South Wales state computer crime unit recently installing 40 boxes with triple-boot systems.

The installation complements a Linux-based forensic tool being used by law enforcement, called the Storage Media Archival and Recovery Tool (Smart), which was developed by U.S. forensic computer scientist Andrew Scott Rosen of Data Recovery & Acquisition and Analysis.

Rosen is in Australia with U.S. Linux expert Thomas Rude installing and configuring the machines, which have also been introduced by the Australian Federal Police, Attorney General’s office and the Defense Signals Directorate.

Rosen said the Linux operating system is being used by computer crime units because it is a tool used by the ‘bad guys’ and police need to know the mechanics of an offense and how it was committed.

“Serious hackers already use Unix and Linux, so when you seize the computer you also have to know the system to see how a suspect committed the act,” he said.

“To see the police using FreeBSD for forensics is exciting; they are out on the cutting edge.

“But the bottom line is the police have a need and Linux meets that need; it is the most effective platform available for what they want to do.”

The installation follows a computer forensics course undertaken by state and federal police earlier this year on how to preserve and handle evidence, with the Smart tool a key focus of the training program.