Hello Friends! This fanfic is an investigative one, as opposed to my previous romantic one. Rest assured that I will not neglect the other fanfic; that is my first on this site and I plan to maintain it for a long time to come.
Contrary to my regular readers' expectations, this fanfic will not contain any Devanagari, or even Hindi written in Roman. It will be entirely in English, because the setting and the techniques are not unique to CID. They could as well be thought of as set in The Bill, CSI, or any of the countless other police procedurals around the world.
Since this is an investigative, I will keep romance to a minimum. Please do not be disappointed.
The primary focus of the narrative will be on digital forensic techniques, with traditional investigations assuming a lesser role. Since I am a programmer, it is only natural that I should focus on digital forensics, and I find it convenient to introduce an OC for for that purpose.
To avoid confusion, please note that digital forensics has nothing to do with the use of computers as tools in forensic science, which is regularly depicted on the show. In this branch of forensics, computers are the SUBJECT of the investigation. Computers retrieved from crime scenes or otherwise connected to the crime are subjected to investigation.
Also note that all techniques depicted are real, and can be tried safely at home. However, please do not use these techniques to indulge in snooping, hacking or other illegal and immoral activities.
At the bureau.
ACP Pradyuman: (thinking) What the heck is happening? My men are not able to solve a single one of these cases. I have never felt so helpless in my life.
He stares at three cartons full of files. Files that served as a constant reminder of his team's failure – utter failure. No clues, no leads, no arrests. Even the informers were useless.
ACP: (thinking) People getting duped of their lifetime's worth of savings, getting publicly shamed, getting raped, getting killed... Critical government infrastructure being brought down... I could not prevent any of these... Nor could I punish the guilty...
DCP Chitrole enters the bureau in a huff.
DCP: Pradyuman what is happening? Do you have any idea what the media is saying of us? They call us incompetent; incapable of defending the citizens. They are calling for our resignation. They want our heads. And I want yours.
ACP: What can I possibly do? My men are not equipped or trained to deal with these things. All of these are cybercrimes. And computers don't cough up information even under Daya's torture.
DCP: So what do you want? Should I tell the media that computers don't cough up information? Should I ask the people to stop using computers? Considering the state of affairs, I would certainly do that if I was the Prime Minister. But I am not. And I need a solution before my head rolls. And yours.
DCP was incoherent in his anger.
ACP: Sir, we need additional manpower. We need a trained computer expert.
DCP: A trained expert?! Okay. I'll get you an expert. But after that, you must do everything you can, and also everything you CAN'T, to stop this menace. Otherwise I'll show you what I can do.
ACP: Fine sir. But be quick.
Two days later...
ACP: I introduce to you the digital forensic expert, Ajay.
Abhijeet, Daya, Sachin, Shreya, Purvi, Freddie, Nikhil and Pankaj stare at the bony, bespectacled figure in disbelief.
Abhijeet: (incredulous) He is the expert?
Ajay: Yes, why?
Daya: Aren't you a bit too young?
Ajay: 22 is old enough in things digital. I started learning the tricks of the trade when I was 11. Believe me, give me 15 minutes with a computer and watch it cough up information as a criminal would under Daya sir.
Ajay said this with a cheeky smile.
ACP: Ajay does not have police training. Nikhil, if we ever need to take him out to the field, you will watch his back. Ensure that he is kept out of harm's way and also ensure that he does not mess with traditional forensic evidence.
That last bit is important. Keyboards, for example, carry a lot of fingerprints. It is essential to prevent Ajay from messing with those.
Nikhil: Yes sir.
Ajay: Hi Nikhil!
Nikhil: Hi.
In turn, all members introduce themselves. Freddie and Pankaj carry the three cartons to Ajay's table. Ajay picks up a file and gets to work right away.
Ajay: (pursing his lips) Hmm... Can I have a look at the victim's computer?
Nikhil: Which victim?
Nikhil pointed to the computers that were stacked not-so-neatly in a corner of the bureau, at the opposite end of the alley that opens into the entrance.
Ajay: Let me see.
Ajay identified the CPU by its evidence number, and disassembled it. As he unscrewed the CPU to extract the hard disk, he recalled what he read in the file.
This girl was found dead in her hostel room. Her throat had been slit with a sharp wire.
There were no eyewitnesses. No fingerprints were found on the crime scene. The criminal was wearing a glove. Apart from the girl's own mobile phone, no other phone was located at the exact location and time of the crime. Clearly, the criminal was not carrying one.
One peculiarity was that the computer in the girl's room was switched on, but no application was running. No window was open. Upon further examination, it was found that there was no data file on it. The only files were system files, which were required and protected by the operating system. The Recycle Bin was also empty. The browsing history had been deleted as well. It was clear that the killer had deleted everything after killing the girl.
Examination of the girl's phone records also did not turn up any tangible evidence. Even her email account, which was accessed by handing the email provider a court order, did not give a lead.
We do not even know if the killer was a man or a woman.
I, Inspector Shrikant Deshmukh, am recommending this case for the consideration of CB-CID.
Ajay took out the hard disk and returned to his desk. He turned on the computer and started reading the file until he was greeted by the startup sound of Windows 7. He was startled. He had not looked at the screen prior to that.
Ajay: Are you kidding me? You folks here use Windows?! How on earth am I supposed to do forensic work here?
Nikhil: What? Is... Is there a problem with your computer?
Ajay: Why do I even bother? I should have known that I will have to configure things on my own before I can even begin work.
Using Windows for forensic work would be a disaster. Windows does not respect read-only settings and can tamper with or destroy forensic evidence on connected devices, to the extent that they become inadmissible in courts of law.
With this, he reached into his bag and pulled out a DVD. It had the popular Linux distro Ubuntu on it. Ajay had customized the software for forensic work.
He gave a second glance at an even more powerful weapon in his armory, a DVD of the Linux distro C.A.I.N.E (Computer Aided INvestigative Environment), but felt it best to reserve it for the most hardcore and demanding of jobs. He would get along fine with Ubuntu for this case, he thought.
In under fifteen minutes, the automated installer had finished its work and the useless copy of Windows had been wiped.
Ajay turned off the computer, opened the CPU case, and attached the victim's hard disk as an additional disk, along with the computer's primary hard disk.
He then turned the machine back on, mounted the victim's hard disk with read-only permissions, and took an image of the disk. That way, he could tamper with the image without destroying the real evidence.
He then ran testdisk, a program designed to recover deleted files from hard disks and disk images.
Recovering files even after deleting is possible because the when files are deleted, the operating system (OS) simply marks that region on the hard disk as reusable, so new files can be placed on top of the older files, overwriting them in the process. However, before they are actually overwritten, if a recovery is attempted, they can be successfully recovered.
It took a full 30 minutes to recover all the files. Now, Ajay's work was over. Well, almost.
The CID team had to sift through the 2 hours worth of video, 2000 photographs and 150 documents. Ajay, however, still had to decode the recovered browser cookies. That would give clues as to which websites the victim frequented, who she communicated with.
The team burned through the evidence in a day.
The two hours worth of video was entirely useless, pirated films of all varieties downloaded from the Internet.
Of the 2000 photographs, 1800 depicted the girl with one boy. We have a face. Investigation revealed that her family or friends knew nothing of him.
Of the 150 documents, 100 were correspondences between the girl and one boy. We have a name.
We must now establish that the name belongs to the face.
The browser cookies connected the name and the face. The boy's image, which appeared on chat, was cached by the browser, along with his name. Also revealed by the cookies was the content of their chats and emails. Their relationship was strained in the past few days due to the appearance of another girl in his life.
The Central Monitoring System (CMS) of the Department of Telecommunications, Government of India, provided the mobile phone number of our suspect, and also its location.
Fast forward...
Daya had spent five minutes in private with that boy in the interrogation room. ACP was starting to get worried.
ACP: We need that boy alive.
Abhijeet: Let me see.
Abhijeet entered the room just in time to hear the confession. Ajay had nailed the right man.
I know the story does involve some technical terms and concepts. I have tried my best to explain them in the story. If I have been unsuccessful, please let me know. I will clear all doubts.
I also know that the narrative is very dry. It is nowhere close to the narrative that I created for the Anthology. But I seriously could not think of a better way to present an investigation. Any suggestions and criticisms are welcome. I will try to mend the narrative.
I am on a very weak radio link at the moment. I may not be able to read, or reply to, reviews and PMs any time soon.
(PS: It feels nice to not have to change language after every word. My fingers hurt after completing a chapter of the Anthology. They did not hurt this time!)