Some said Live View could only boot up images acquired from 32bit OS evidence. I have to say that it's not true. Ok, the best way to prove it is let the evidence speak for themselves~

1. Boot up Windows 7 64bit evidence

2. Live View boot up Linux 64bit evidence

I think the reason why some forensic guys "believe" that Live View could not boot evidence suessfully are as below:

1.They forgot mounting tools(ex: FTK Imager) requires Administrator privileges to run.

2.They forgot Live View requires Administrator privileges to run.

3.Whenever they saw any terrible word(ike "error","warning","failed") in the Live View message boxs, they will shut Live View down immediately without hesitate. Acutally they should be more patient, let Live View to parse and analyze those partitions. When completed they could use VMWare to open the snapshot and see if it works or not. Remember one very important thing : "Don't jump to conclusions too soon"...some forensics should get rid of such kind of bad habit...

It's an Open Source Java-based solution. You guys could take a look at it's website and forums:

http://liveview.sourceforge.net/index.html

http://sourceforge.net/p/liveview/discussion/

By the way, VFC is a commercial solution. In my experience, Live View is better than VFC. Of course it's not 100% guarantee to boot up evidence with Live View(or VFC). Still you have chances fail to boot up and see Blue Death screen...

Can Live View boot up images acquired from 64bit OS evidence?的更多相关文章

  1. Spring Boot文档

    本文来自于springboot官方文档 地址:https://docs.spring.io/spring-boot/docs/current/reference/html/ Spring Boot参考 ...

  2. The Boot Process at a Glance x86/x64系统启动过程解析

    哥又来干体力活了.人肉翻译一下: The Boot Process at a Glance This section explains the boot process in sufficient d ...

  3. 计算机启动boot

    原创博文:转载请标明出处:http://www.cnblogs.com/zxouxuewei 零.boot的含义 先问一个问题,"启动"用英语怎么说? 回答是boot.可是,boo ...

  4. Android自定义控件:图形报表的实现(折线图、曲线图、动态曲线图)(View与SurfaceView分别实现图表控件)

    图形报表很常用,因为展示数据比较直观,常见的形式有很多,如:折线图.柱形图.饼图.雷达图.股票图.还有一些3D效果的图表等. Android中也有不少第三方图表库,但是很难兼容各种各样的需求. 如果第 ...

  5. View 层

    package com.test.mvp.mvpdemo.mvp.v1.view; import android.app.ProgressDialog;import android.os.Bundle ...

  6. Android ANR分析(2)

    转自:http://blog.csdn.net/ruingman/article/details/53118202   定义 主线程在特定的时间内没有做完特定的事情 常见的场景 A.input事件超过 ...

  7. 【故障•监听】TNS-12518、TNS-00517和 Linux Error:32:Broken pipe

    [故障|监听]TNS-12518.TNS-00517和 Linux Error:32:Broken pipe 1.1  BLOG文档结构图 1.2  前言部分 1.2.1  导读和注意事项 各位技术爱 ...

  8. 开源网络操作系统--VyOS

    User Guide Jump to: navigation, search Contents 1 Introduction 2 Installation 3 Using the Command-Li ...

  9. vyos User Guide

    vyos User Guide 来源 https://wiki.vyos.net/wiki/User_Guide The VyOS User Guide is focused on providing ...

随机推荐

  1. Carath\'eodory 不等式

    (Carath\'eodory 不等式) 利用 Scharwz 引理及线性变换, 证明: 若函数 $f(z)$ 在圆 $|z|<R$ 内全纯, 在 $|z|\leq R$ 上连续, $M(r)$ ...

  2. 前端实现 SVG 转 PNG

    http://fex.baidu.com/blog/2015/11/convert-svg-to-png-at-frontend/ 前言 svg 是一种矢量图形,在 web 上应用很广泛,但是很多时候 ...

  3. 【JavaScript】字符串处理函数集合

    var $string = {}, toString, template, parseURL, buildURL, mapQuery, test, contains, trim, clean, cam ...

  4. AD7190学习笔记

    1 建议SCL空闲时会高电平. 2复位:上电后连续输入40个1(时钟周期)复位到已知状态,并等待500us后才能访问串行接口,用于SCLK噪音导致的同步. 3单次转换与连续转换(连续读取):每次转换是 ...

  5. Log4j乱码

    在log4j.properties里添加encoding , 例如 : log4j.appender.fuscent=org.apache.log4j.DailyRollingFileAppender ...

  6. JAVA 对象初始化的过程

    对象初始化的过程例:Student S    =    new Student();1.因为new Student()用到了Student类,所以会把它从硬盘上加载进入内存2.如果有static静态代 ...

  7. 使用thinkphp连接sqlserver数据库时提示“系统不支持:sqlsrv”

    习惯了使用php跟mysql组合,现在接到项目需要调用客户线下的系统软件的数据,具了解,这个软件的数据库是用sqlserver数据库也就是常说的mssql数据库了. 那么我现在需要用PHP连接sqls ...

  8. jquery extend中

    var $=123; <src="jquery.js"> //加载jquery.js的时候           里面有句 _$=window.$,保存123的 //no ...

  9. [SQL]SQL语言入门级教材_SQL语言快速入门(五)

    SQL语言快速入门(一) SQL是英文Structured Query Language的缩写,意思为结构化查询语言. SQL语言的主要功能就是同各种数据库建立联系,进行沟通.按照ANSI(美国国家标 ...

  10. HttpRequestValidationException (0x80004005) 的三种可能的解决方法

    从客户端中检测到有潜在危险的 Request.Form 值 从客户端(txtSupplement="<textarea name="cont...")中检测到有潜在 ...