Issue #6 April 2005

Open source in the force: One officer speaks

It takes new police officers a very short time to realize that the worst part of the job is all of the paperwork. Some incidents require three or four reports to complete, most having the same information, all with a narrative. When I first started, officers were expected to type multi-part forms or handwrite them with no mistakes. My first thought when I encountered this mountain of paperwork was how much easier this would be with a computer. When I came on the force in 1994 there were no computers available to officers for everyday use, and anyone who brought in their own was looked down on.

One day I couldn't take it anymore. I found some old 8086 machines, monochrome monitors, and dot-matrix printers that were being used as doorstops. When I brought them in I got some very strange looks. I found an old DOS program to print onto multi-part forms and worked on my time off configuring the software. Soon I had a system that allowed me to print a few of the major reports and a narrative for any report. Once my fellow officers saw me flying through my paperwork, they were asking to learn how to use the computers. Even though the computers were antiquated, it was better than writing reports for an eight-hour shift.

A few years later I found out that our department, a force of 5000, was going to add positions to our one-man Computer Crime Unit. The investigator/supervisor of the unit told me I could better my chances if I started learning about this new upstart OS called Linux. I installed Red Hat Linux 5.2 and haven't looked back. Granted I still use a Windows-based closed source forensic software suite, as this is what I was trained on and certified for, but I hope to change that soon.

I use Linux and other open source software every day and couldn't imagine doing my job without these tremendous resources. I have used my heterogeneous office network to learn more about networking, SMTP, IMAP, Apache, MySQL, PHP, and Perl—without having to worry if my Unit could afford the license.

My "Investigators Toolbox" is heavily augmented with open source applications. One of my favorites for an on-scene examination is the bootable distribution Penguin Sleuthkit (PSK), which was constructed for forensics. PSK is packed with tools for conducting quick and thorough examinations. It is perfect for probation and parole officers as well as system administrators.

I am constantly using a mishmash of many scripting languages but mostly Perl and bash shell scripts. Humorously, a lot of the time I am writing scripts to accommodate the failings of Windows or a Windows-based utility. When I must use Windows I have MSYS installed and use it extensively as a crutch. Another Linux-like environment I have found very useful is Cygwin.

While conducting proactive investigations I have used many of the above tools as well as one you might not be aware of: Familiar and Opie for the iPAQ. After my boss gave me an iPAQ for work, I immediately looked for an alternative to Windows CE and came across the Familiar/Opie combination. Familiar is a full-blown Linux distribution, and Opie is a graphical user environment. Then I installed Wellenreiter and had a very powerful handheld wireless security assessment device and a much more powerful PDA as well.

I have not yet converted the masses within my unit, but a lot of my colleagues come to me with unresolved problems where no Windows solution exists or acquiring it is cost prohibitive. More often than not I find/create a fix for their problems. Slowly I am pulling them into the fold.

Law enforcement is currently at a similar crossroads and I believe that "If we show them they will come." There are many ways that open source can benefit police departments all over the world. I don't think you could find a department anywhere that believes they have enough funding to do their job correctly and efficiently. The adoption of open source and the reduction in overhead should be a welcome sight to almost any agency. An effort needs to be made to reach out to Chiefs of departments of major cities, as well as the most rural locations. Efforts to introduce open source should concentrate on departments that have yet to embrace technology, which is probably due in part to the cost of implementation.

Also, many departments have no choice of which incident reporting software to use as it is dictated to them by their state or local government. Numerous Chiefs still resist and are ultimately forced to accept the technology. This is not surprising since most police officers are inherently resistant to change and leery of computers in general. The vast majority of this software is a proprietary, customized, closed source, Windows solution. The department, of course, has to rely on the vendor for all bug fixes and future optimization. Most departments just accept the fact that the software is "quirky" or doesn't do everything they want it to do. Departments need to be made aware that when they use open source software they have the power to choose the direction they want to go. They will soon realize that by reducing their overhead through competitive bidding, their anxiety for better software will lead to more officers on the street and a more productive force.

There are a large number of Chiefs and IT professionals within police departments that don't realize they have alternatives to their current software. Those on the IT staff that do probably don't want to recommend themselves out of a job as they might not have the proper skill set for the transition. The adoption of open source in police departments will not take place without an IT manager or an officer with technical knowledge making the case for its implementation.

Everyone would think that security would be a top priority for all departments, and it is, albeit misguided when it comes to computers. Viruses and malware are rampant on many departments' computers and/or networks. Many departments don't realize the money they are losing because of viruses, spam, and malware. I was in a local department recently and wanted to search for something. The workstation they let me use was completely useless because of all of the popup ads. The officers I spoke with about it just accepted this as a matter of fact and just found other ways to cope. Once again the common factor is funding in that a lot of departments can't afford the cost of maintaining subscriptions for virus definitions.

After September 11 it has become imperative that departments share information not only amongst themselves but with other departments as well. Many departments relying on Windows don't have the budget to try to accomplish this effectively via technology. Once again the decision makers are unaware that with open source alternatives they could quickly implement information sharing mechanisms with little or no cost. Since police departments are paramilitary organizations it should be comforting to them to note that all of the US military services use open source in some fashion.

Another area closely related to information sharing is training. Most departments are mandated by regulations and/or legislation to provide a certain level of training for their officers. Many departments would like to offer computer-based training to their officers but can't afford all the equipment and licenses. They could dramatically cut costs by using a bootable CD distribution that contained all the training materials for the class in a diskless workstation. This would save on the cost of equipment, networking, and the time to install and set up the systems, which could add mobility to the classroom. With the right scripts the presentation would start for the student, and they could follow along. When the training is over, the student could take the CD with them to refer to later.

There are many departments that are either where my department is today or are moving in that direction. I feel as though I am back in 1994 all over again with the prevalent fear of new technology. If the Chiefs and other decision makers could be shown the benefits of computerizing their departments with open source they would never want to go back. The transition will become easier in the near future as officers who grew up with computers as an integral part of their lives move through the ranks and become the decision makers.

About the author

Jon S. Nelson has been in government service for 16 years. Five years with the U.S. Coast Guard as an Electronic Technician and 11 years with a large police department in the Northeastern U.S. He has been investigating computer-related crime since 1998 and was recently appointed to Training Coordinator for his unit and five Task Forces. Jon is also currently working towards his BS in Computer Science and is involved in research into energy efficient sensor networks. In his "spare time" he enjoys his family, skateboarding, and fishing.