Digital evidence crucial to forensics labs
SALT LAKE CITY -- Khalid Ouazzani owned a Kansas City, Mo., used auto parts store by day but was secretly supporting al-Qaida by night.
Using covert communications more complex than mere encryption, Ouazzani assumed he was eluding federal authorities, hiding his dealings behind a veil of virtual invisible ink. While the FBI won't reveal details, agents say he used a form of steganography, the art of hiding messages within other messages.
But it was no match for the agency's digital forensics specialists, who cracked Ouazzani's code.
He pleaded guilty last year to conspiring to help a terrorist network and faces up to 65 years in federal prison.
Elsewhere, FBI digital evidence specialists proved a truck driver was streaming pornography on his laptop when he plowed into a car on a New York freeway, killing a woman. They also helped convict high-profile defendants like former Illinois governor Rod Blagojevich and top Enron executives.
In an age when the biggest cases can often hinge on the smallest pieces of evidence, some bits no bigger than a fingernail-sized microchip, the FBI's Regional Computer Forensics Laboratories are fast becoming crucial law enforcement tools.
Last year, the agency's 14 labs and their 244 examiners, including 155 from state and local agencies, processed more than 3,000 terabytes of information -- the equivalent of 3 million copies of the Encyclopedia Britannica.
They also examined more than 75,000 pieces of digital media, including 339 smart phones, 248 digital cameras and more than 57,000 hard drives. Agents have even found child pornography hidden on Xbox 360 game devices.
"Our entire lives are digitally connected. Everything we do involves a computer," said John Dziedzic, director of the FBI's Chicago lab. "Everything you can possibly think of is recording some type of data."
And he said practically everyone these days, even criminals, uses some sort of digital media, be it a smartphone, a computer or digital camera, and destroying the device often does nothing to get rid of evidence. FBI examiners have retrieved crucial data from computers that have been set on fire, tossed into lakes, shot with guns and smashed to pieces.
FBI examiners can recover files that have been deleted or encrypted and can crack passwords with tools that bombard a hard drive with 500 million guesses per second.
"Eventually we'll break it," Dziedzic said.
"Think about what a cellphone contained 10 years ago. It might have had a call log and 10 names in the contact book. Now they're mini-PCs," said Mike Jensen, head of the agency's 15,000-square-foot Salt Lake City lab, which serves law enforcement in Utah, Idaho and Montana.
"There's always something new coming through the door and we have to roll with it and learn as we go."
To keep abreast, law enforcement agencies have been rolling out various high-tech tools, including biometric identification systems to speed up fingerprint matches, facial recognition software and citywide cameras to monitor crime.
Spy in the sky
A Utah police chief hopes to add a 52-foot-long unmanned blimp to his force that will stream live video and serve as a crime-fighting eye-in-the-sky. Already in his arsenal are 200 surveillance cameras scanning the city 24/7.
"When I hired on in the '70s, we had 25,000 calls for service with 125 officers," said Ogden police chief Jon Greiner, who says the blimp will cost less than a patrol car.
"Today we handle over 100,000 calls for service with 144 officers."
Dziedzic said the trick is thinking, literally, "outside the box." Agents might instinctively snap up computers, laptops and hard drives at a crime scene, but tiny thumb drives can be hidden inside shoes and wireless storage devices tucked away in ceilings.
It's also taking time to educate other agencies.
Dziedzic recalled a Chicago police officer dropping off a computer he believed contained evidence of fraud.
"I asked him what he was searching for and he said, 'Can't you just print everything out?'" Dziedzic said. He had to break it to the officer that the two-terabyte hard drive might contain 400 million pages of text.
"You could digitize everything in the Library of Congress and put it all on six hard drives," Dziedzic said.
Local law enforcement agencies are stepping up their use of technology, too.
In Pinal County, south of Phoenix, Ariz., Sheriff Paul Babeu expects by September to have 75 deputies outfitted with facial recognition devices that also scan irises and fingerprints and attach to iPhones.
"This is a significant game-changer for law enforcement," Babeu said. "It's absolutely shocking the leapfrog and advance in technology that is available to us."
He said his office already has begun scanning irises of jailed inmates and registered sex offenders, and will have deputies in the field do the same anytime a person is arrested. He said the scans take 15 seconds and are more accurate than fingerprints.
Some opponents of the technology, however, say it goes too far and infringes on citizens' rights to privacy.
"This technology should never be deployed without formal restrictions on their use to ensure biometrical data is not kept or stored on innocent people," said Karen McCreary, executive director of the American Civil Liberties Union of Utah.
Babeu actually agrees to some extent and says law enforcement must be mindful not to overstep constitutional boundaries.
"We don't want to turn into a massive police state," he said.