Hi All,
I just acquired one of these and wanted to share my findings. This was a newer Macbook Air with 2 USB ports
-Raptor allows you to boot into the machine but does not recognize the SSD drive.
-Paladin allows you to boot into the machine but does not recognize the SSD drive. This one shouldn't have been a surprise but the website clearly states "Boot standard PCs and Intel Macs in a forensically sound manner (including the MacBook Air)" so I was hoping that one would intend to image the mac after booting into it forensically.
-LinEn allows you to boot into the machine but does not recognize the SSD drive.
I ended up using FTK Imager for Mac GUI (http//
I am also told that EncasePortable will do the job (using the boot CD, as it won't boot of USB drive).
Hope this helps some people in the future!
Here is a write up on imaging a Macbook Air with WinFE as another option that may work
http//
All possible solutions. I would recommend
It was also in the review that bshavers mentioned.
Full disclosure I am the VP of Product Development at BlackBag.
We have had very good results since we purchased MacQuisition including on a MacBook Air with a SSD. Slow only in the USB/Firewire speed restriction but very efficient and extremely easy to use, not to mention portable! )
Greetings,
I was unable to get a Mac Air to boot with WinFE. Multiple sources told me that the Air would only boot from an external OS X boot source so WinFE, Raptor, etc all will not work on "recent" Airs. The only surefire option, at the moment, seems to be MacQuisition.
-David
Sorry for the late reply, but have you heard of Paladin by Sumuri? It's pretty good and at a good price, FREE -)
Steve Whalen, who created the Raptor Live CD, created Paladin when he left Forward Discovery.
http//
http//
Joe
Another alternative is to install a licensed copy of retail OSX onto a USB and set the permissions on the /Volumes folder on your USB based OSX to prevent auto-mounting during boot. From here you can use FTK imager or dd to image
Ian
Greetings,
I've been meaning to build one of these, but haven't gotten motivated yet ….
-David
Greetings,
I was unable to get a Mac Air to boot with WinFE. Multiple sources told me that the Air would only boot from an external OS X boot source so WinFE, Raptor, etc all will not work on "recent" Airs. The only surefire option, at the moment, seems to be MacQuisition.
-David
Interesting, was there a difference if you were using the "magical" Apple external Air DVD drive or were your results using something else for a boot device? Was there any indication from your sources as to what was different between the different generations? Is it something to do with SSDs?
I am curious if there has been some change in the hardware.
Greetings,
The issue seemed to be only with booting from a thumb drive or external USB drive. Booting from a CD and an external CD drive seems to work, though more testing is required.
-David