CAINE 8.0 “Blazar” GNU/Linux OS Provides a Complete Digital Forensic Environment
Ubuntu-based CAINE (Computer Aided Investigative Environment) GNU/Linux distribution is designed by Italian developer Nanni Bassetti to be a complete digital forensic environment, and it’s been updated on October 31, 2016, to version 8.0.
Dubbed “Blazar,” powered by the long-term supported Linux 4.4 kernel and Ubuntu 16.04 (Xenial Xerus) operating system CAINE 8.0 arrives after one year of hard work with UEFI (Unified Extensible Firmware Interface) and Secure Boot support, renewed and new tools, including the Systemback open-source and simple system backup and restore application.
“The important news is CAINE 8.0 blocks all the block devices (e.g. /dev/sda), in Read-Only mode. You can use a tool with a GUI named BlockON/OFF present on CAINE’s Desktop,” explained the developer. “This new write-blocking method assures all disks are really preserved from accidentally writing operations, because they are locked in Read-Only mode.”
New RBFstab and Mounter implemented, live preview Caja scripts pre-installed
Among the included tools, we can mention XAll 1.5, MemDump, XRCed, PEFrame, Tilda, Shrew, RecuperaBit, Gigolo, Jeex, Samba, SQLParse, Yara, wxHexEditor, ADB and LibMobileDevice, PffLib, HashDB, imount, vhdimount, vhdiinfo, iscsitarget, img_map, and vblade. New RBFstab and Mounter, live preview Caja scripts, and a root file system spoofing patch were also implemented.
Another important change is the addition of a VNC (Virtual Network Computing) server and client, which users can use to control the entire operating system from a remote location. Last but not least, CAINE now boots a lot faster compared to previous versions, and it can also boot directly to RAM using toram.