skip navigation

Add your conference to our Justice Events calendar


Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Library collection. To conduct further searches of the collection, visit the NCJRS Abstracts Database. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

  NCJ Number: NCJ 239600     Find in a Library
  Title: SAFE Boot CD Version Evaluation Report
  Document URL: PDF 
  Corporate Author: NIJ Criminal Justice Electronic Crime Technology Ctr of Excellence
United States of America
  Date Published: 01/2012
  Page Count: 19
  Annotation: This report presents the features and manufacturer claims for the SAFE Boot CD Version - which is a software write-blocking solution that can be used to collect potential evidence from a computer - and results are presented from the performance testing of this software by the National Institute of Justice’s Electronic Crime Technology Center of Excellence.
  Abstract: According to the manufacturer, SAFE (System Acquisition Forensic Environment) is “the first and only forensically sound Windows boot disk.” It is further stated that “You can now boot and safely acquire and/or analyze any X86-based computer using your favorite Windows computer forensic software, without the need to remover drives.” This means that SAFE Boot can easily and safely image every RAID, SAS, Fiber Channel, and/or laptop hard drive without the need for special adapters, controller cards, or any other hardware device not already present on the machine. In addition, even those drives protected by BitLocker can be accessed and analyzed. In all the performance tests conducted, SAFE Boot CD performed as advertised by the manufacturer. No data were altered during any of the testing. HPA/DCO and BitLocker drives could be viewed with the SAFE Boot CD. The only problem identified during the testing was the inability of the internal hashing function to display the hash value of the drive. Also, the BitLocker functionality will only work if the password is known or the USB key that contains the key is available. Extensive figures
  Main Term(s): Computer related crime
  Index Term(s): Evidence collection ; Testing and measurement ; Computer software ; Equipment evaluation ; Computer aided investigations ; Computer evidence
  Sale Source: NIJ Criminal Justice Electronic Crime Technology Ctr of Excellence
550 Marshall St., Suite B
Phillipsburg, NJ 08865
United States of America
  Type: Test/Measurement
  Country: United States of America
  Language: English
  To cite this abstract, use the following link:

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.