skip navigation

CrimeSolutions.gov

Add your conference to our Justice Events calendar

PUBLICATIONS

NCJRS Abstract

The document referenced below is part of the NCJRS Library collection.
To conduct further searches of the collection, visit the NCJRS Abstracts Database.

How to Obtain Documents
 
NCJ Number: NCJ 239600     Find in a Library
Title: SAFE Boot CD Version 1.2.1.6711 Evaluation Report
Corporate Author: NIJ Criminal Justice Electronic Crime Technology Ctr of Excellence
United States of America
Date Published: 01/2012
Page Count: 19
Sale Source: NIJ Criminal Justice Electronic Crime Technology Ctr of Excellence
550 Marshall St., Suite B
Phillipsburg, NJ 08865
United States of America
Document: PDF 
Type: Test/Measurement
Language: English
Country: United States of America
Annotation: This report presents the features and manufacturer claims for the SAFE Boot CD Version 1.2.1.6711 - which is a software write-blocking solution that can be used to collect potential evidence from a computer - and results are presented from the performance testing of this software by the National Institute of Justice’s Electronic Crime Technology Center of Excellence.
Abstract: According to the manufacturer, SAFE (System Acquisition Forensic Environment) is “the first and only forensically sound Windows boot disk.” It is further stated that “You can now boot and safely acquire and/or analyze any X86-based computer using your favorite Windows computer forensic software, without the need to remover drives.” This means that SAFE Boot can easily and safely image every RAID, SAS, Fiber Channel, and/or laptop hard drive without the need for special adapters, controller cards, or any other hardware device not already present on the machine. In addition, even those drives protected by BitLocker can be accessed and analyzed. In all the performance tests conducted, SAFE Boot CD performed as advertised by the manufacturer. No data were altered during any of the testing. HPA/DCO and BitLocker drives could be viewed with the SAFE Boot CD. The only problem identified during the testing was the inability of the internal hashing function to display the hash value of the drive. Also, the BitLocker functionality will only work if the password is known or the USB key that contains the key is available. Extensive figures
Main Term(s): Computer related crime
Index Term(s): Evidence collection ; Testing and measurement ; Computer software ; Equipment evaluation ; Computer aided investigations ; Computer evidence
   
  To cite this abstract, use the following link:
https://www.ncjrs.gov/App/Publications/abstract.aspx?ID=261666

* A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's web site is provided.