Saturday, September 20, 2008

Law & Order: Criminal Intent "Legacy"

Criminal Intent is one of the half-dozen or so spin-offs of the ever popular procedural drama Law & Order. The series follows a group of detectives--members of the NYPD's Major Case Squad--who are dedicated to bringing New York City's worst criminals to justice.

In this episode, the elite crime fighting squad get called to a prestigious private school to investigate a murder that was made to look like a suicide. During the course of their investigation, they find a laptop belonging to one of the suspects, and like all good television detectives, they turn it over to a nerdy guy named Ira for analysis.

As this plot line develops, the writers introduce two of my favorite gimmicks: the nonsensical technical monologue and the explain it in English one-liner:

"
Kiana used data utility wiping freeware but it performs like malware."
"In English, Ira."
"She download a free program to permanently delete a video file but it just moved it to another part of her hard drive."

I'm not really sure what "data utility wiping freeware" is exactly, but from the English explanation, I can only assume that it is a program that permanently deletes files off of a computer's hard drive, otherwise know as a disk or file wiping utility.

Techno-gibberish aside, I understand why the plot needs the girl to use
a this type of program--it shows that she understands what she did was wrong--but there is no reason for the program to be malware, or for her to even use it, to have the same plot outcome
.

Let me explain.

When someone edits a documents, especially with video editing software, temporary files are created to help keep track of changes for rollbacks (undo) or to preserve changes in the event of a system crash.

An every day example of this is when you have auto-save enabled in
Microsoft Word. If you look in the directory of the document you are editing, you can see a series of temp files that look like ~wrdxxxx.tmp. Another exampleare the temporary files that the operating system creates when you print a document--this is known as print spooling. These files usually get deleted by the application or operating system when they are no longer needed, but sometimes they don't.

This can create a serious problem if you want to encrypt or permanently delete a file. Most people assume that the file they just encrypted or deleted is the only copy on the disk drive, but in some cases it is not.

Additionally, most people assume that when you empty the trash everything in it is permanently deleted, when in reality, these files are very easy to recover if the computer is not used heavily after the deletion.

So, a more likely scenario for recovering the file would be Ira using a data recovery application or finding a temporary file that the suspect didn't know was there. The data wiping utility
malware angle, while possible, just does not seem likely.

Friday, September 19, 2008

Burn Notice "Good Soldier"

Hollywood has always had a love affair with biometrics. They were a mainstay of military, spy, and science fiction movies long before they were included on consumer laptops and door locks.

Because Hollywood got such a jump start on biometrics, most people's expectations have been set by these fictional depictions. In reality, the effectiveness of most biometric systems do not come close to what you see in movies and television.

An unfortunate side effect of this is that corporations have spent millions of dollars promoting and implementing these ineffective systems and, more discouragingly, governments have based public policy on these Hollywood induced misconceptions.

If you remember back to the Burn Notice pilot, the protagonist--black listed spy Michael Weston--opens a biometric safe with a print he lifted off of its finger print reader.

This episode shows an attack against another biometric security mechanism, this time a facial recognition system that is designed to generate an alert when an unauthorized person enters a room.

Earlier this year, the Japanese government introduced regulation that allows for the prosecution of vending machine companies that sell cigarettes to persons under the age of 20.

Long before facial recognition became fashionable, 41 states and the District of Columbia implemented policies that restricted the sales of cigarettes through vending machines, in some cases these policy resulted in a complete ban on the practice.

These policies were implemented based on years of research that suggested that younger children where more likely to obtain cigarettes from vending machine than any other source, including friends and family. Additionally, subsequent research data has shown that a complete ban on cigarette machines in places frequented by young children is significantly more effective than alternatives such as device locks.

So why did the Japanese government choose not to ban vending machines? While I am no expert in Japanese politics, I suspect that a vending machine company named Fujitaka convinced the regulating body that they could accurately judge the age of a purchaser by using biometrics--at least 90% of the time.

What Fujitaka and the Japanese regulators soon found out was that a 3-inch magazine photo placed in front of the camera would fool the system into selling cigarette to underage kids. Oops.

This is exactly what Michael Weston does to gain entry to the hotel room of his sexy nemesis Carla. Armed with a 8x10 head shot of the room service guy, he easily gains entry into the room without setting off the alarm. Sound familiar? You can thank a bunch of Japanese school girls for this one.