Can we work together?

We had some requests about possible professional collaborations with our core team and to answer you all we remember that a part of us work in the private sector, in law enforcement, as lawyer (expert in cyber security) and as freelance DFIR expert.

As you guess, earn money is not the goal of our open source project, but feel free to drop us an email if you need and we will answer to you if we are able to help you or if we can suggest to you some good friends in the field/Country of your interest.

Known issues

Here below will be published any known issue on latest releases, with suggestions about possible workarounds waiting for new updates:

  • The recent release needs more ressources (CPU,RAM,...) and if those are less than the specified hardware requirements there is the risk that the installer process crash at the end when the bootable partition is created or that when is put the password to open the session, the main process crash. We are aware about this topic and we will improve this aspect in the next release
  • We detected that, in certain circumstances, the file manager (Caja in the old versions) can keep in memory information regarding the previous "ro/rw" status of the device and show an error (impossible to write on Read-Only device)
    If you perform all operation by CLI you can easily understand that the write blocker system works properly and there are no problems, but to avoid this graphical misleading issue you can just close all open windows with the command "killall caja" Remember to enable the RW option before the device mount

  • Using Gparted tool, to manipulate devices/partitions, can produce an error because each time Gparted do a refresh, the device is automatically locked in Read-Only mode by the forensic kernel.
    If you need to create a partition, for example, try instead to use "mkfs*" commands
  • Is not possible to mount encrypted volumes (Bitlocker, LUKS,...) in Read/Write mode because the device locker at kernel level always puts the loopback interfaces in Read Only mode
    Feel free to drop us an email if you have this need
    • “TSURUGI Linux - the sharpest weapon in your DFIR arsenal”