LOL
Just to clear the extents of my previous post, I have no reason to doubt that this Ballistic Imager (as well IXimager, to name one BTW) is among the first few best things in the world (anyway after ice cream, beer and sliced bread wink ), what I am saying is simply that their web site and marketing/communicating strategy seemingly suck, and suck big.
Also, being so secretive, I find it queer how they declare how they do training courses
http//
for covert operations stating where they take place
We also offer specialised training courses for covert operations, based at our Horsham Offices.
roll
The whole stuff seems however more aimed to defense/intelligence than "forensics".
@jhup
Did you manage to fix your optical undulators?
jaclaz
I suppose the notable words here are that the software "can" image up to xxxx speeds.
Looking at their example, they say they can image a 256GB HDD in 12 mins. Conservatively that works out at approx 356MB/sec ((256000/12)/60). So if you are imaging a PC where the motherboard not only supports SATA 3 for the source disk but also has a spare eSATA/USB 3 port - well maybe then you might see those sort of speeds.
Interestingly, the other bit of detail they give on the performance (1TB in 35 mins) would require writing data at 476MB/sec ((1000000/35)/60) - a 33% increase. You could image a 256GB HDD in 8 mins at that speed.
Someone promising to deliver data faster than theoretical device limits of not one device but many, from various vendors of various designs?
If I remember, some late modems did that, claiming transfer rates that were impossible. Of course, they didn't measure *actual* transfer rate (on the wire), but *perceived* transfer rate, involving compression before the actual transfer was performed, and usually assuming that a compression rate of 70% or so was feasible.
I'm not claiming that this is a similar case – only that one needs to be careful about interpreting sales talk.
I'm not claiming that this is a similar case – only that one needs to be careful about interpreting sales talk.
In this specific case we need however to interpret sales non-talk . 😯
jaclaz
hi all
i wanted to image a hard disk which is protected with password. the imager forensic dossier says the disk is password protected, unlock to continue. i tried with talon but it is not recognised. i also tried to clone thru CAINE, but i could not complete. my pc is able to see the hard disk, but it is not being mounted. encase shows unallocated disk area. is it there any method to image the hard disk while maintaiing the integrity of the data.
cheers,
Hello,
I'm looking at this product from a military perspective, however I've been in forensics for a long time so should hopefully be able to see it from a 'standard forensics' point-of-view also.
I'm seeing them on Wednesday.
hi all
i wanted to image a hard disk which is protected with password.
Please … don't hijack already running threads. Start a new thread instead – you're much more likely to get responses that way.
Later OK, I see that you already have.
If I remember, some late modems did that, claiming transfer rates that were impossible. Of course, they didn't measure *actual* transfer rate (on the wire), but *perceived* transfer rate, involving compression before the actual transfer was performed, and usually assuming that a compression rate of 70% or so was feasible.
They were the 2400 baud, MNP 5 modems. The idea was that the on-the-fly compression was done in the modem instead in the computer. It was the harbinger of switching from baud to bps.
Maybe I am just getting jaded, so let me soften my stance.
It is possible that the vendor implemented methodologies and resources to reduce most of the overhead and get the maximum possible from the system.
Hello all,
I saw the company yesterday for a live demo. I took my laptop in, with a 256GB drive, and it was imaged (dd binary image) in just over 12 minutes. It works on a live system and will take a RAM image as well. They also provide a secure boot environment (CD or USB), which will boot any Intel machine (Windows, OSX & Linux) to image the internal physical drive.
I've bought a single license to run some tests on. I took an old laptop with me as well, and it imaged it faster than FTK Imager could manage. FTK ran at about 8MB/sec when imaging the drive over USB, their Ballistic tool ran at 38MB/sec.
Clever stuff, good to see a company doing something different for a change.