14 DAY TRIAL // The developers of the DEFT Linux forensic operating system have announced the immediate availability for download of a new edition called DEFT Zero, versioned 2017.1, and based on Lubuntu 14.04.02 LTS.
DEFT Zero (2017.1) appears to be a light version of DEFT Linux, which has been specifically designed to help law enforcement catch criminals by providing them only with the software tools needed for acquiring digital evidence.
"DEFT Zero is designed to be a DEFT light version focused on the forensically copy of digital evidence (i.e. hard disks, USB devices and network shares)," reads the PDF manual created by the DEFT developers specifically for this edition.
To sustain this goal, DEFT Zero comes with support for NVM Express (NVMe) and eMMC memories, such as those found in MacBook 2015 editions, as well as UEFI (Unified Extensible Firmware Interface) support.
DEFT Zero requires about 400 MB of RAM to boot
Another interesting feature of the DEFT Zero (2017.1) edition is that it can boot on very old computers that only have about 400 MB of RAM (system memory). However, you can also use it on modern, 64-bit computers, including those with Secure Boot enabled.
The Live ISO image is available for download on our website, and it features three boot options, including the ability to copy the contents to RAM and use the distro in live mode directly from the computer's system memory, ejecting the bootable medium.
DEFT Zero also provides users with support for mounting devices in read/write and read-only mode, just like the full edition of DEFT Linux. In-depth details about how you can mount devices using a GUI or via command-line can be found in the PDF manual.
As mentioned before, DEFT Zero (2017.1) is based on the Lubuntu 14.04.2 LTS (Trusty Tahr) operating sysytem, which means that it uses the lightweight LXDE desktop environment. Updates will be provided as long as Lubuntu 14.04 LTS is also supported.