About the increased role of digital investigation and forensics in solving crimes:

In the end, it wasn’t a fingerprint or a blood spatter that led
authorities to the woman suspected of strangling a mother-to-be and
cutting the baby from her womb. It was an 11-digit computer code.

ABC News reports how investigators used the IP address to track and find the suspect in this disturbing case. The investigators examined online message boards where the victim and the accused exchanged messages and were able to trace an IP number to a computer of the accused’s home. The article does not mention the exact methods of tracing used by law enforcement, but most likely the sequence was:

1. Subpoena the IP of the poster from the message board service provider or website;
   
2. Do a reverse DNS lookup on the IP;
3. Contact and subpoena tha record of the subscriber who was assigned the particular IP at the particular time;
4. Knock on the door.

The moral is: law enforcement officers - don’t forget to check for digital forensics when investigating a crime - more and more often a computer and Internet are involved in a crime and, especially with non-computer experts, the information can be reliable, accurate, and very useful. 

 A great book that contains similar and useful information about digital forensics, including IP tracking, is Digital Evidence and Computer Crime, find it at Amazon or search by ISBN 0121631044. 

Netcraft, one of the leading Internet security firms, has released an anti-phishing toolbar, similar to the toolbars that Google and others released in the past to battle another Internet problem - the pop-up ads.

Phishing attacks are most often done by sending an fraudulently designed email to users asking them to visit a website and enter a piece of personal information - in  many cases bank passwords, credit card numbers, or similar. The reason phishing attacks are so successful is that phishers use some browser vulnerabilities to "hide" the address of the page being shown or make it look like it is coming from the bank’s website.

In essence, the Netcraft toolbar (only in IE right now, Firefox extension in the works) will provide an easy way for users to identify whether they are being targets of a phishing attack by showing the site’s hosting location - so if you see that your Bank of America login page is hosted in Bangladesh, for example, you should be suspicious. Also, the toolbar allows users to report phishing attacks, which are reviewed by Netcraft and then are propagated to other toolbar users - a sort of a community protection mechanism. Another important protection tool is the ability to control and limit cross-site scripting or other invalid characters in URLs which are used only to exploit and to deceive.

Netcraft’s toolbar is an initial but very important step towards curbing the spread of phishing. It is very important for similar tools to achieve wide adoption and help curb threats. One of the problems with this toolbar is likely to be the fact that users are not visibly annoyed or distracted by what the toolbar seems to protect against. Google’s pop-up blocking toolbar was widely adopted because users were annoyed by the amount of pop-up ads they were receiving. Unlike Google, Netcraft’s toolbar prevents from a threat that is hard to see and perceive. While the phishing threat is imminent for evrey Internet user, many users will have low or no incentive to install this protection measure.

A great idea and a great tool from Netcraft, but I believe that more incentives and steps to popularize the product will be necessary for its adoption and success.