Detective superintendent Charlie McMurdie, the police officer in charge of setting up the UK's central e-crime unit, said recently that she would like a "breathalyser" for the PC.
On the face of it, this seems like a pretty shrewd idea. The days between Christmas and New Year have an anarchic, end-of-term feel to them and those unlucky enough to be manning the phones amidst the crushed tinsel and discarded mince-pies, may feel justified in cracking open the bottle of Zinfandel presented as a motivational spur by the head of department last Friday.
And as the afternoon wears on, they might also avail themselves of a quick nip from the secret sherry that Sheila keeps in the stationary cupboard, behind the treasury tags. Before you know it, they are composing witty and lurid emails exposing the well-known but under-publicised liaisons between Gareth and the twice-divorced matriarch of HR and bidding on Russian military hardware on eBay.
Such ill-judged excesses could easily be prevented with the addition of a simple USB breathalyser that must register "green" before the keyboard is unlocked.
But no. That's not what DSI McMurdie has in mind at all. She wants a metaphorical breathalyser. A device so omniscient that it can detect evidence of any criminal activity on your computer. Child porn, credit card fraud, identity theft, selling stolen goods online or promulgating racial hatred. Possibly thought crime as well. She has in mind a simple USB dongle with three LEDs: green is clean, red is dead and amber would be for all the borderline cases that get sent off for the full rubber-gloves-and-drop-your-trousers treatment from the forensics geeks.
I'm actually planning to bid for the contract to build and supply these devices. My design, which is hereby released under the GPL licensing scheme, is as follows:
1. The green LED is present but not connected. There are no known examples of any computers in the UK that have never been used to store illegal data or perform unlawful acts. Adding firmware to check for a hypothetical future computer that was totally clean would almost certainly generate far too many false positive results to justify its inclusion.
2. If the initial scan of the system reveals the presence of an internet connection, DVD drive, hard disk or keyboard, the red LED is activated.
3. In all other cases the amber LED is activated.