Some said Live View could only boot up images acquired from 32bit OS evidence. I have to say that it's not true. Ok, the best way to prove it is let the evidence speak for themselves~

1. Boot up Windows 7 64bit evidence

2. Live View boot up Linux 64bit evidence

I think the reason why some forensic guys "believe" that Live View could not boot evidence suessfully are as below:

1.They forgot mounting tools(ex: FTK Imager) requires Administrator privileges to run.

2.They forgot Live View requires Administrator privileges to run.

3.Whenever they saw any terrible word(ike "error","warning","failed") in the Live View message boxs, they will shut Live View down immediately without hesitate. Acutally they should be more patient, let Live View to parse and analyze those partitions. When completed they could use VMWare to open the snapshot and see if it works or not. Remember one very important thing : "Don't jump to conclusions too soon"...some forensics should get rid of such kind of bad habit...

It's an Open Source Java-based solution. You guys could take a look at it's website and forums:

http://liveview.sourceforge.net/index.html

http://sourceforge.net/p/liveview/discussion/

By the way, VFC is a commercial solution. In my experience, Live View is better than VFC. Of course it's not 100% guarantee to boot up evidence with Live View(or VFC). Still you have chances fail to boot up and see Blue Death screen...

Can Live View boot up images acquired from 64bit OS evidence?的更多相关文章

  1. Spring Boot文档

    本文来自于springboot官方文档 地址:https://docs.spring.io/spring-boot/docs/current/reference/html/ Spring Boot参考 ...

  2. The Boot Process at a Glance x86/x64系统启动过程解析

    哥又来干体力活了.人肉翻译一下: The Boot Process at a Glance This section explains the boot process in sufficient d ...

  3. 计算机启动boot

    原创博文:转载请标明出处:http://www.cnblogs.com/zxouxuewei 零.boot的含义 先问一个问题,"启动"用英语怎么说? 回答是boot.可是,boo ...

  4. Android自定义控件:图形报表的实现(折线图、曲线图、动态曲线图)(View与SurfaceView分别实现图表控件)

    图形报表很常用,因为展示数据比较直观,常见的形式有很多,如:折线图.柱形图.饼图.雷达图.股票图.还有一些3D效果的图表等. Android中也有不少第三方图表库,但是很难兼容各种各样的需求. 如果第 ...

  5. View 层

    package com.test.mvp.mvpdemo.mvp.v1.view; import android.app.ProgressDialog;import android.os.Bundle ...

  6. Android ANR分析(2)

    转自:http://blog.csdn.net/ruingman/article/details/53118202   定义 主线程在特定的时间内没有做完特定的事情 常见的场景 A.input事件超过 ...

  7. 【故障•监听】TNS-12518、TNS-00517和 Linux Error:32:Broken pipe

    [故障|监听]TNS-12518.TNS-00517和 Linux Error:32:Broken pipe 1.1  BLOG文档结构图 1.2  前言部分 1.2.1  导读和注意事项 各位技术爱 ...

  8. 开源网络操作系统--VyOS

    User Guide Jump to: navigation, search Contents 1 Introduction 2 Installation 3 Using the Command-Li ...

  9. vyos User Guide

    vyos User Guide 来源 https://wiki.vyos.net/wiki/User_Guide The VyOS User Guide is focused on providing ...

随机推荐

  1. 在一个窗口中显示多个视频,并在每个子窗口左上角显示系统时间,函数cvShowManyImages是改写的

    #include <cv.h> #include <highgui.h> #include <stdio.h> #include <stdarg.h> ...

  2. nginx重写规则报nginx: [emerg] directive "rewrite" is not terminated by ";"

    对于下面的重写规则 rewrite ^/gongying/([\d]{8})_([\d]+).html$ /index.php?app=support&act=view&pts=$1& ...

  3. Tornado

    Tornado 是 FriendFeed 使用的可扩展的非阻塞式 web 服务器及其相关工具的开源版本.这个 Web 框架看起来有些像web.py 或者 Google 的 webapp,不过为了能有效 ...

  4. 适配6 、6P 来源互联网

    iPhone 6 6P出现后,如何将一份设计稿支持多个尺寸? 如何只出一套iOS平台设计稿?随着苹果发布两种新尺寸的大屏iPhone 6,下面三款iPhone尺寸和分辨率数据就知道屏幕有多杂了. 现在 ...

  5. 拥抱 Android Studio 之四:Maven 仓库使用与私有仓库搭建

    使用.创造和分享 笔者曾经不思量力的思考过『是什么推动了互联网技术的快速发展?』这种伟大的命题.结论是,除了摩尔定律之外,技术经验的快速积累和广泛分享,也是重要的原因. 有人戏称,『写 Java,首先 ...

  6. MYSQL C API : mysql_real_connect()

    MYSQL * mysql_real_connect( MYSQL *mysql, const char *host, const char *user, const char *passwd, co ...

  7. C# String.Format大全 去 decimal 后面的 0

    转 http://kwon.iteye.com/blog/1068255  http://blog.csdn.net/tvvbbb/article/details/47256943 public st ...

  8. [SQL]patindex的用法

    返回指定表达式中某模式第一次出现的起始位置:如果在全部有效的文本和字符数据类型中没有找到该模式,则返回零. Transact-SQL 语法约定 语法 PATINDEX ( '%pattern%' , ...

  9. ecmall数据字典

    ecm_acategory //文章分类表 字段 类型 Null 默认 注释 cate_id int(10) 否 自增ID号,分类ID号 cate_name varchar(100) 否 分类的名称 ...

  10. (转)C#使用Mysql记录

    (1)首先需要下载C#访问MySQL数据库的ADO.NET驱动程序 http://dev.mysql.com/downloads/connector/ 我下载的版本为: mysql-connector ...