Posted on December 4, 2009


Yeah, it's going to take up a drive letter. And install as a service. And it'll drop off just when you're in a hurry. Apart from that though, the Dongle of Destiny is awesome.

Legend has it that in the beginning when the earth was young, Odin gave Ulric File-Carver the Dongle of Destiny to help him tackle an investigation into the village shaman’s suspected deletion of a rune-casting that revealed his involvement in mead smuggling.

The analysis was successful and evidence was recovered from the dust on the floor of the village feasting hall that clearly showed which runes had been cast and in what order. From that day on, the first analyst was swamped with requests to perform similar work, and the first backlog was created.

That’s the story we tell to our children, anyway. The Old Gods also decreed that whenever two or more sergeants from a Computer Investigation Unit gather in one place, talk will eventually turn to backlogs and ways of tackling them.

Most places have backlogs of computer forensic examinations, and I think the reason’s quite simple – there are too many exhibits for too few staff. The reason behind this, as far as I can see, is that most of the average unit’s caseload is made up of indecent images of children (IIoC) jobs. These are time consuming both because of the burden of categorising images (and apparently some forces even have forensic analysts doing the donkey work of categorising!), and because they often have a lot of exhibits. Regardless, there are a lot of them.

So why not just increase the resources available to the computer forensics units? At the moment IIoC cases don’t fall under any of the Home Office ‘performance indicators’ for police forces – these are the targets for things like ‘Offences brought to justice” and ‘Acquisitive crime’ that forces are graded on by the government. The force has to make up the points or the Chief Constable has to stay behind on Saturdays and wash the Home Secretary’s car  for a year. The upshot of this system is that forces have to work to the priorities set for them and allocate resources accordingly and, as  IIoC never seems to fit into any of the PIs,  the result is that CIUs are often under-resourced for their volume of work.

That’s one theory anyway. Some of the more wild-haired commenters in the online world seem to believe that there’s a conspiracy to hang on to exhibits for as long as possible, for reasons that are never explained. Maybe they think we sleep on piles of computers like dragons on a hoard of gold? Who knows what goes on in the mind of a bampot.

Suggestions for how to tackle the queues fly around from force to force, sometimes gaining favour for a while. Tackle the list from the front. Tackle it from the back. Take it from both sides in a pincer movement. Dive-bomb it from above like a Stuka. Leave it on the train and hope it doesn’t find its way home. Tie it up in a bag and throw it in the canal. Sometimes a mad prophet will descend from a mountain in London, mutter gnomishly about an imaginary ‘triage’ tool that will solve the problem with a click of a button, then disappear back up their own arse to the summit, to cackle and make sacrifice to their gods.

As you might have guessed, I’ve got a few ideas of my own for how to tackle backlogs. In the form of a list, begad! I do like a list. If Bill Hicks was ‘Chomsky with dick jokes’, I’m Nick Hornby with Encase jokes. So without further ado:

The Happy Monkey’s ACPO-Approved List of Backlog Solutions

Methods Involving Volcanoes

...update tblExhibits set ex_loc = 'Mountain of Fiery Doom';

  • The Scientology Method: gather all the exhibits that have been in a store for more than one month, fly them out to a volcano, then nuke them.
  • The Tolkein Method: Get midgets to carry them across the Wilds of the Midlands and fling them into a volcano.

Methods Not Involving Volcanoes, or with only Minor Volcano Involvement

  • The Raiders of the Lost Ark Method: Put all the exhibits in a big crate, then lose it in a massive warehouse.
  • The Supporting the Arts Method: Leave all the exhibits outside an art college, with  welding equipment and the promise of an exhibition at the end.
  • The Help Dubai in their Time of Need Method: donate all the exhibits to Dubai, so that they can use them to build some ridiculous folly that reaches to the moon, in the shape of a giant stoat or something. With waterslides for whiskers, made with melted down gold from the PCBs.
  • The Internet Smartarse Method: Remember the ‘Cops Ain’t Shit’ class of geek whinger from my first posting? Offer to give them all dongles and forensic workstations and let them whizz through the backlog in no time at all, doing a far better job than the Police ever could. Remind them that there’ll be a ‘test’ at the end of each case, in the form of a judicial process.
  • The Moses Method (AKA ‘Let My People Go’ ): Declare an amnesty. Give back all the exhibits, regardless of the offence and what may be on them, and tell the OICs that they’ll have to proceed on whatever other evidence they have. (Wouldn’t it be lovely to come in one day to a clean slate?)
  • The Statute of Limitations Method: Advise CPS, the courts and OICs that your evidence is only good for 4 weeks after the report is delivered. After this time no one can ask you any questions about the case, you will do no further work on it and you won’t attend court in relation to it. This should speed up proceedings quite a bit, and free up a lot of your time that  would otherwise be spent with jobs you’ve long ago lost interest in.

Any more? Comment me up, daddyo!

Posted in: Forensics