We had some requests about possible professional collaborations with our core team and to answer you all we remember that a part of us work in the private sector, in law enforcement, as lawyer (expert in cyber security) and as freelance DFIR expert.

As you guess, earn money is not the goal of our open source project, but feel free to drop us an email if you need and we will answer to you if we are able to help you or if we can suggest to you some good friends in the field/Country of your interest.

Here below will be published any known issue on latest releases, with suggestions about possible workarounds waiting for new updates:

  • We detected that, in certain circumstances, the file manager (Caja) can keep in memory information regarding the previous "ro/rw" status of the device and show an error (impossible to write on Read-Only device)
    If you perform all operation by CLI you can easily understand that the write blocker system works properly and there are no problems, but to avoid this graphical misleading issue you can just close all open windows with the command "killall caja"
    Remember to enable the RW option before the device mount

  • Using Gparted tool, to manipulate devices/partitions, can produce an error because each time Gparted do a refresh, the device is automatically locked in Read-Only mode by the forensic kernel.
    If you need to create a partition, for example, try instead to use "mkfs*" commands
  • Is not possible to mount encrypted volumes (Bitlocker, LUKS,...) in Read/Write mode because the device locker at kernel level always puts the loopback interfaces in Read Only mode
    Feel free to drop us an email if you have this need

  • In the 2023.1 BETA release

  • The local DNS resolver doesn't work and we put static values, feel free to update
  • In UEFI mode, the installer can't setup properly the grub boot loader
  • During the system installation the LVM encryption it doesn't work properly
  • The last version of Autopsy (at the release date) is not yet supported on Linux, we tried to find a solution but the core process crash
  • The default graphic theme hides buttons/menus in some graphical applications
  • The keyboard layout is put in italian when a session starts
  • "software-properties-gtk" and Plaso don't work properly
  • During the system boot if there is no network cable connected, there is a boring timeout of 300 seconds
  • “TSURUGI Linux - the sharpest weapon in your DFIR arsenal”