DEFT Zero RC1 ready for download
From the post:
During the fourth edition of DEFTCON 2015 in Rome last April 17 (more than 200 people, high level of teaching) in collaboration with ISACA chapter of Rome and Tech & Law Center, DEFT Zero is finally ready and released in RC mode (release candidate).
This mini distro dedicated to acquisitions of medias, implements the new system of write blocking amply explained into the new DEFT Zero user manuals released on this site.
From the foreword of the quick guide:
DEFT Zero is designed to be a DEFT light version focused on the forensically copy of digital evidences (i.e. hard disks, USB devices and network shares).
DEFT Zero requires a considerably lower space in RAM and on a CDROM/pendrive. It needs about 400 Mbytes, which can even boot in the RAM preloaded mode on a obsolete and low resources hardware.
DEFT Zero is based on Lubuntu 14.04.02 LTS and its future releases will be developed in parallel with DEFT full version.
DEFT Zero can be run on newest hardware as well, since it can support 32 and 64 bits platforms, with UEFI and Secure Boot such as Macbooks and Windows 8 ready machines.
This document will cover the differences and enhancement with DEFT standard (full) version.
The latest manual I saw on the site was for DEFT (Digital Evidence & Forensic Toolkit) 7 Manual, dated 2012.
The DEFT 7 manual says:
On these pages you will not find exhaustive explanations on the use of all applications and commands currently in the DEFT distribution.
Judging from the download directory for DEFT full, the most recent version of DEFT full is 8.2.
A great authoring/editing opportunity for anyone interested in cybersecurity.
Having to write down a coherent explanation is almost as much of a learning experience teaching the material!
PS: Travel/business tip: Always carry marked burner USB drives with security tape to signal their use. (And don’t reuse.)