Some said Live View could only boot up images acquired from 32bit OS evidence. I have to say that it's not true. Ok, the best way to prove it is let the evidence speak for themselves~

1. Boot up Windows 7 64bit evidence

2. Live View boot up Linux 64bit evidence

I think the reason why some forensic guys "believe" that Live View could not boot evidence suessfully are as below:

1.They forgot mounting tools(ex: FTK Imager) requires Administrator privileges to run.

2.They forgot Live View requires Administrator privileges to run.

3.Whenever they saw any terrible word(ike "error","warning","failed") in the Live View message boxs, they will shut Live View down immediately without hesitate. Acutally they should be more patient, let Live View to parse and analyze those partitions. When completed they could use VMWare to open the snapshot and see if it works or not. Remember one very important thing : "Don't jump to conclusions too soon"...some forensics should get rid of such kind of bad habit...

It's an Open Source Java-based solution. You guys could take a look at it's website and forums:

http://liveview.sourceforge.net/index.html

http://sourceforge.net/p/liveview/discussion/

By the way, VFC is a commercial solution. In my experience, Live View is better than VFC. Of course it's not 100% guarantee to boot up evidence with Live View(or VFC). Still you have chances fail to boot up and see Blue Death screen...

Can Live View boot up images acquired from 64bit OS evidence?的更多相关文章

  1. Spring Boot文档

    本文来自于springboot官方文档 地址:https://docs.spring.io/spring-boot/docs/current/reference/html/ Spring Boot参考 ...

  2. The Boot Process at a Glance x86/x64系统启动过程解析

    哥又来干体力活了.人肉翻译一下: The Boot Process at a Glance This section explains the boot process in sufficient d ...

  3. 计算机启动boot

    原创博文:转载请标明出处:http://www.cnblogs.com/zxouxuewei 零.boot的含义 先问一个问题,"启动"用英语怎么说? 回答是boot.可是,boo ...

  4. Android自定义控件:图形报表的实现(折线图、曲线图、动态曲线图)(View与SurfaceView分别实现图表控件)

    图形报表很常用,因为展示数据比较直观,常见的形式有很多,如:折线图.柱形图.饼图.雷达图.股票图.还有一些3D效果的图表等. Android中也有不少第三方图表库,但是很难兼容各种各样的需求. 如果第 ...

  5. View 层

    package com.test.mvp.mvpdemo.mvp.v1.view; import android.app.ProgressDialog;import android.os.Bundle ...

  6. Android ANR分析(2)

    转自:http://blog.csdn.net/ruingman/article/details/53118202   定义 主线程在特定的时间内没有做完特定的事情 常见的场景 A.input事件超过 ...

  7. 【故障•监听】TNS-12518、TNS-00517和 Linux Error:32:Broken pipe

    [故障|监听]TNS-12518.TNS-00517和 Linux Error:32:Broken pipe 1.1  BLOG文档结构图 1.2  前言部分 1.2.1  导读和注意事项 各位技术爱 ...

  8. 开源网络操作系统--VyOS

    User Guide Jump to: navigation, search Contents 1 Introduction 2 Installation 3 Using the Command-Li ...

  9. vyos User Guide

    vyos User Guide 来源 https://wiki.vyos.net/wiki/User_Guide The VyOS User Guide is focused on providing ...

随机推荐

  1. Android屏幕适配建议

    一.关于布局适配 1.不要使用绝对布局 2.尽量使用match_parent 而不是fill_parent . 3.能够使用权重的地方尽量使用权重(android:layout_weight) 4.如 ...

  2. AD按键-矩阵按键:

    原理:利用数组分压+AD采集: 优点:一个IO口可以做成多个按键,节省IO口(矩阵键盘在>4时优点才能体现出来):可备用作为AD基准输入. 缺点:不能做成组合按键(或者电阻要精确选择):且离IO ...

  3. Git的撤消操作 - 重置, 签出 和 撤消(转载)

    From:http://gitbook.liuhui998.com/4_9.html http://ihower.tw/blog/archives/2622 相较于SVN这种commit就推送到远端伺 ...

  4. Java多线程之线程中断

    该例子说明,Sleep可以被中断,但是I/O和synchronized不能被中断. package Thread.Interrupting; import java.io.IOException; i ...

  5. Category的使用

    1.创建一个objective-c file , 可以选择 category, extension ,protocol, empty 文件.选category 就能建立类别. category机制,它 ...

  6. 在Virtual Box虚拟机中安装MS DOS!

    原文地址:https://mylinuxramblings.wordpress.com/2010/12/05/linux-mint-debian-edition-lmde-first-impressi ...

  7. Enumerator yielder.yield 与 Proc.yield 区别

    最近看ruby cookbook遇到这个用法,google一下,这里原文解释 http://stackoverflow.com/questions/18865860/enumerator-yielde ...

  8. 【收藏用】--切勿转载JAVA 使用Dom4j 解析XML

    原帖地址 : http://blog.csdn.NET/yyywyr/article/details/38359049 解析XML的方式有很多,本文介绍使用dom4j解析xml. 1.环境准备 (1) ...

  9. nginx 均衡负载配置

    nginx详细配置介绍: 参考资料:http://blog.csdn.net/xmtblog/article/details/42295181 配置实例: // nginx服务器虚拟为代理服务器和we ...

  10. SQL Server2008 TIME类型

    SQL Server2008现在有了一个TIME数据类型,它允许你只存储一个时间值而没有时间.如果想要存储一个特定的时间信息而不涉及具体的日期时,这将非常的有用.TIME数据类型存储使用24小时制,它 ...