forensics

14 Articles

Books You Should Read: Why Buildings Fall Down

November 23, 2022 by 35 Comments

People with long commutes usually come up with tricks to stay focused and alert and avoid the dangerous tendency to zone out during the drive. One trick I used to use was keeping mental track of the various construction projects I’d pass by on my way to work, noticing which piers on a new highway overpass were nearing completion, or watching steelworkers put together the complex rebar endoskeletons of a new stretch of roadway.

One project I loved to watch back in the 80s was a new high-rise going in right next to the highway, which fascinated me because of the construction method. Rather than putting together a steel frame, laying out decking, and covering each floor with concrete, the workers seemed to be fabricating each floor at ground level and then jacking them up on the vertical steel columns. I was fascinated by this because every time I passed by the floors were in a different position, spreading out vertically as the building grew.

And then one day, it just wasn’t there anymore. Where there had been columns stretching nine stories into the city sky with concrete slabs lined up ready to be jacked up into their final positions, there was just an enormous hole in the ground with a ghastly gray cloud of concrete dust rising from it. It was April 23, 1987, and what was once going to be a luxury apartment building called L’Ambience Plaza in Bridgeport, Connecticut lay pancaked into the ground, entombing the bodies of 28 construction workers.

Continue reading “Books You Should Read: Why Buildings Fall Down”

Solar System Wars: Walmart Versus Tesla

September 19, 2019 by 61 Comments

It seems like hardly a day goes by that doesn’t see some news story splashed across our feeds that has something to do with Elon Musk and one or another of his myriad companies. The news is often spectacular and the coverage deservedly laudatory, as when Space X nails another double landing of its boosters after a successful trip to space. But all too often, it’s Elon’s baby Tesla that makes headlines, and usually of the kind that gives media relations people ulcers.

The PR team on the automotive side of Tesla can take a bit of a breather now, though. This time it’s Elon’s solar power venture, Tesla Energy Operations, that’s taking the heat. Literally — they’ve been sued by Walmart for rooftop solar installations that have burst into flames atop several of the retail giant’s stores. While thankfully no lives have been lost and no major injuries were reported, Walmart is understandably miffed at the turn of events, leading to the litigation.

Walmart isn’t alone in their exposure to potential Tesla solar problems, so it’s worth a look to see what exactly happened with these installations, why they failed, and what we as hackers can learn from the situation. As we’ll see, it all boils down to taking electrical work very seriously and adhering to standards designed to keep everyone safe, even when they just seem like a nuisance.

Continue reading “Solar System Wars: Walmart Versus Tesla”

No, Your 3D Printer Doesn’t Have A Fingerprint

March 12, 2019 by 103 Comments

Hackers and makers see the desktop 3D printer as something close to a dream come true, a device that enables automated small-scale manufacturing for a few hundred dollars. But it’s not unreasonable to say that most of us are idealists; we see the rise of 3D printing as a positive development because we have positive intentions for the technology. But what of those who would use 3D printers to produce objects of more questionable intent?

We’ve already seen 3D printed credit card skimmers in the wild, and if you have a clear enough picture of a key its been demonstrated that you can print a functional copy. Following this logic, it’s reasonable to conclude that the forensic identification of 3D printed objects could one day become a valuable tool for law enforcement. If a printed credit card skimmer is recovered by authorities, being able to tell how and when it was printed could provide valuable clues as to who put it there.

This precise line of thinking is how the paper “PrinTracker: Fingerprinting 3D Printers using Commodity Scanners” (PDF link) came to be. This research, led by the University at Buffalo, aims to develop a system which would allow investigators to scan a 3D printed object recovered from a crime scene and identify which printer was used to produce it. The document claims that microscopic inconsistencies in the object are distinctive enough that they’re analogous to the human fingerprint.

But like many of you, I had considerable doubts about this proposal when it was recently featured here on Hackaday. Those of us who use 3D printers on a regular basis know how many variables are involved in getting consistent prints, and how introducing even the smallest change can have a huge impact on the final product. The idea that a visual inspection could make any useful identification with all of these parameters in play was exceptionally difficult to believe.

In light of my own doubts, and some of the excellent points brought up by reader comments, I thought a closer examination of the PrinTracker concept was in order. How exactly is this identification system supposed to work? How well does it adapt to the highly dynamic nature of 3D printing? But perhaps most importantly, could these techniques really be trusted in a criminal investigation?

Continue reading “No, Your 3D Printer Doesn’t Have A Fingerprint”

Identifying A 3D Printer From A 3D Print

February 17, 2019 by 37 Comments

A TV crime show I saw recently centered on the ability of forensic scientists to identify a plastic bag as coming from a particular roll: it’s all down to the striations, apparently. This development isn’t fiction, though: researchers at the University of Buffalo have figured out how to identify the individual 3D printer that produced a particular print. The development, called PrinTracker, uses unique differences in the way a printer lays down print material to identify a printer with a claimed 94 percent accuracy.

Continue reading “Identifying A 3D Printer From A 3D Print”

Starter Guide To Linux Forensics

August 8, 2017 by 11 Comments

The old saying is if your data isn’t backed up at least twice, it’s not backed up at all. For those not wise enough to heed this adage, there are a number of options available to you if you wish your data to be recovered. Assuming the drive itself is just corrupted somehow (maybe a malicious attack, maybe a user error) and not damaged beyond physical repair, the first step is to connect the drive to another computer. If that fails, it might be time to break out the computer forensics skills.

[Luis]’s guide is focused on Linux-specific drives and recovery tools, so this isn’t necessarily a general-purpose how-to. That being said, there is a lot of information in this guide such as how to mount the target drive’s partitions, how to set up various timelines, and which of the Linux system’s logs are important for the forensic analysis. This specific example in the guide also goes into detail about noticing which of the recent files had been accessed, what they might have done, and different approaches to piecing the mystery of this corrupted drive together.

[Luis] points out that the world of Linux forensics is much different from that of Windows, but for anyone looking to get started he suggests starting with a clean Linux install and going from there. There are many other avenues of digital forensics, as well; the field has as many avenues of exploration as there are different types of computers.

Police Want Alexa Data; People Begin To Realize It’s Listening

December 28, 2016 by 143 Comments

It is interesting to see the wide coverage of a police investigation looking to harvest data from the Amazon Echo, the always-listening home automation device you may know as Alexa. A murder investigation has led them to issue Amazon a warrant to fork over any recordings made during the time of a crime, and Amazon has so far refused.

Not too long ago, this is the sort of news would have been discussed on Hackaday but the rest of my family would have never heard about it. Now we just need to get everyone to think one step beyond this and we’ll be getting somewhere.

What isn’t being discussed here is more of concern to me. How many of you have a piece of tape over your webcam right now? Why did you do that? It’s because we know there are compromised systems that allow attackers to turn on the camera remotely. Don’t we have to assume that this will eventually happen with the Echo as well? Police warrants likely to affect far less users than account breaches like the massive ones we’ve seen with password data.

All of the major voice activated technologies assert that their products are only listening for the trigger words. In this case, police aren’t just looking for a recording of someone saying “Alexa, help I’m being attacked by…” but for any question to Alexa that would put the suspect at the scene of the crime at a specific time. Put yourself in the mind of a black hat. If you could design malware to trigger on the word “Visa” you can probably catch a user giving their credit card number over the phone. This is, of course, a big step beyond the data already stored from normal use of the system.

It’s not surprising that Amazon would be served a warrant for this data. You would expect phone records (although not recordings of the calls) to be reviewed in any murder case. Already disclosed in this case is that a smart water meter from the home reported a rather large water usage during the time of the murder — a piece of evidence that may be used to indicate a crime scene clean-up effort.

What’s newsworthy here is that people who don’t normally think about device security are now wondering what their voice-controlled tech actually hears them say. And this is a step in the right direction.

Iowa Forensics Opts For A CSI Style Hack To Save Their Budget

January 29, 2014 by 32 Comments

Stungun

There’s a very effective way of lifting dusty fingerprints from the field, or in a lab. It’s called an Electrostatic Dust Print Lifter — but as you can imagine, it is rather expensive from a forensic supply store. [Bradley VanZee] — from the Iowa Division for International Association for Identification — realized how simple a tool it was, and made his own for just over $50.

But first, how does it work? Electrostatic print lifting is a non-destructive process where you develop an electrostatic field on a sheet of “lifting film” which attracts the dust particles to stick to the film. It’s capable of recovering impressions from both porous and non-porous surfaces — even ones not visible to the naked eye.

Commercial versions of the tool cost upwards of $600-$800 + lift film. The first hack they realized is that instead of using proprietary lift film, it is just as effective to use car window tint instead! The second hack is even more clever — using a 80,000V tazor, some electrical leads, and some tinfoil you can create your own version of the tool. The aluminum foil acts as a ground, and the object you are inspecting is sandwiched between it and the lifting film. Holding the tazor with one electrode to the foil, you can trace the film using the other electrode at a distance, which induces an electrostatic charge in the film, attracting and capturing the dusty fingerprints. Allow the static to discharge, and store the film in a safe place to be digitized later!

Now obviously this is only really effective for flat objects, but it’s still a brilliant hack — especially to save your budget!

[Thanks John!]