CAINE is a professional-grade digital forensic Linux distro. It uses an old-school desktop environment hardened with top-notch specialty tools. CAINE provides tight security and built-in digital investigation tools, but it is less inviting for non-forensic specialists to use as an everyday Linux desktop. However, it could serve the purpose for users who are willing to handle several interface inconveniences. CAINE is built around a complete investigative environment that integrates existing software tools as software modules.
Thank you for your review :) I need only to highlight something:
1) Swap file is deactivated for forensic purposes, because a forensic distro with the swap file activated, could use the swap file of the host disk changing it...it does not sound forensic proof....for this reason the swap file is deactivated by default.
2) You can mount EASILY in writable mode, did you see the mounter tool? It is showed in the home page, there is the bottom-left of the screen a green disk, if you click with the second button of the mouse, you can change the mounting policy and the disk becomes red, then you can mount in writable mode....
All the mountings are in GUI mode...you can do an entire forensic procedure with only one hand :-P
3) It is normal that a forensic distro must not mount automatically anything...its purpose is don't touch anything...this is forensically sound :-)
Finally here is something else:
http://www.caine-live.net/page8/page8.html
Loading ...
CAINE Provides Sturdy Support for Forensic Specialists
Posted by: Jack M. Germain November 14, 2014 06:49 PMCAINE is a professional-grade digital forensic Linux distro. It uses an old-school desktop environment hardened with top-notch specialty tools. CAINE provides tight security and built-in digital investigation tools, but it is less inviting for non-forensic specialists to use as an everyday Linux desktop. However, it could serve the purpose for users who are willing to handle several interface inconveniences. CAINE is built around a complete investigative environment that integrates existing software tools as software modules.
1) Swap file is deactivated for forensic purposes, because a forensic distro with the swap file activated, could use the swap file of the host disk changing it...it does not sound forensic proof....for this reason the swap file is deactivated by default.
2) You can mount EASILY in writable mode, did you see the mounter tool? It is showed in the home page, there is the bottom-left of the screen a green disk, if you click with the second button of the mouse, you can change the mounting policy and the disk becomes red, then you can mount in writable mode....
All the mountings are in GUI mode...you can do an entire forensic procedure with only one hand :-P
3) It is normal that a forensic distro must not mount automatically anything...its purpose is don't touch anything...this is forensically sound :-)
Finally here is something else:
http://www.caine-live.net/page8/page8.html