Tableau Firmware Update Revision History for v7.25
Please note: This page only displays release notes back to 2010. Please contact Opentext Support if you require release notes prior to 2010.
Revision:v7.25
Released:October 9, 2018
Affected Models:TX1

Description:

This release includes a new major firmware update for the Tableau TX1 Forensic Imager. The changes are described below.

TX1 Forensic Imager - version 2.0

Please note: this is a mandatory update for TX1 users.

TX1 SD Card SHA-256 hash value: 7932ee2f423fcc239e268ac8cac8f11ff8f4b9b817c3c4a0da50818feb65e1f6

Please download and read the updated TX1 2.0 User Guide to learn how to use the new features included in this release.TX1 version 2.0 User Guide.

New Features

  • Logical imaging and search – A user can now acquire forensically-sound logical images from locally attached drives and network shares. A user can image the entire filesystem, manually select specific folders and files, or use the powerful Files to Acquire screen to define a targeted search profile using pre-defined and custom criteria. The Files to Acquire search function provides a basic (default) and advanced mode, which can be simply enabled and disabled in the default settings screen. [TBL-2643]
  • Detect drives with whole disk encryption – Automatically detects drives encrypted with the following whole disk encryption types: Microsoft BitLocker & BitLocker To Go, Apple FileVault 2, Linux LUKS, BestCrypt, Symantec PGP Disk. When the TX1 detects an encrypted drive, it displays an information message indicating the encryption type on the drive tile summary and the drive detail screen. The encryption type is also reported in the forensic log. [TBL-2635]
  • Detect Apple Fusion Drives on Apple Macs connected in Target Disk Mode – Detects and presents both physical drives (HDD and SSD) configured as one Fusion Drive on Apple Macs connected to the TX1 in Target Disk Mode. Fusion Drives are configured on some Apple iMacs and Mac Minis. [TBL-2843]
  • Display more USB device descriptors – The following USB descriptors are now displayed in the USB device media detail screen and reported in the forensic log: Class, SubClass, Protocol, VID (Vendor ID), and PID (Product ID). [TBL-2836]

Enhancements

  • SMB 3.0 is now the default SMB version selected when adding a CIFS share. [TBL-3025]
  • A user can now select file sizes larger than 2GB for E01 file types. [TBL-2518]
  • The physical port to which a drive is connected is now reported in the forensic log. [TBL-2323]
  • iSCSI and CIFS network shares can now be added within the job setup workflow. [TBL-2465]
  • Performance is now improved when using the E01 file format. [TBL-2810]
  • Increased the height of the language selection list window so that it now displays all values without scrolling. [TBL-2957]

Issues Fixed

  • After performing a secure erase on some SSDs the TX1 will report the drive has Security Lock enabled. [TBL-2762]
  • TX1 falsely indicates HPA is temporarily removed from some SSDs configured with a 28-bit HPA. [TBL-3138]
  • Unable to remove DCO from an Intel 320 SSD when the DCO and HPA are set using the same capacity. [TBL-2809]
  • Some PCIe AHCI SSDs may report incorrect HPA or DCO configuration and display a non-functioning HPA/DCO remove button in the drive detail screen. [TBL-3103]
  • Cannot properly mount some iSCSI targets that have the iSCSI service bound to more than one live Ethernet interface. [TBL-3090]
  • Windows Dynamic disks with MBR partition style are not detected. [TBL-3107]
  • CIFS shares protected by NTLM authentication may not mount. [TBL-2538]
  • Some USB drives with a FAT32 filesystem that is larger than the size of the drive are not detected. [TBL-2804]
  • Dates stored in the E01 header are interpreted incorrectly by some third-party software (but are interpreted correctly by EnCase). [TBL-2996]
  • E01 or Ex01 images created with a large number of segment files (in the thousands) may not import into EnCase. [TBL-2712]
  • Writing E01 or Ex01 images to a Windows 7 CIFS fileshare using SMB version 2.1 or 3.0 may create corrupted files. [TBL-2977]
  • E01 duplication jobs with non-ascii characters entered into user data entry fields (Examiner name, Case ID, Notes, or Image name) will cause the TX1 to reboot when the job starts. [TBL-2989]
  • Duplication jobs with case notes that are very long (40+ lines) will cause the TX1 to reboot when the job starts. [TBL-3187]
  • The forensic log list may report stale information for active jobs. [TBL-2298]
  • TX1 shows zero errors in forensic log for a drive that encountered recoverable read errors. [TBL-2744]
  • Unable to queue a verification job on a drive that is concurrently being used in a duplication job. [TBL-2280]
  • Jobs added to the queue behind an active restore job may not run immediately even if the drives used in the new jobs are available. [TBL-2818]
  • Attempting to eject a PCIe NVMe SSD may display the error "Failed to eject drive" and not eject properly. [TBL-2299]
  • Incorrect warning message displays when wiping unlocked drives encrypted by the TX1. [TBL-2832]
  • iSCSI duplication log displays "FIXME" for the source file system location instead of the IQN and IP address. [TBL-3128]
 
ModelTimestampVersion Code
TX1n/a2.0.0
 
ModelTimestampVersion Code
T6esFeb 20 2013 16:47:04n/a
TDP6Aug 10 2017 09:48:091.1.1
T6uApr 27 2018 14:10:192.0.1
T7uApr 27 2018 14:10:192.0.1
T8Jul 21 2011 18:03:02n/a
T8-R2Feb 19 2013 16:54:16n/a
T8uApr 27 2018 14:10:192.0.1
T9Nov 10 2010 14:00:52n/a
T35eSep 12 2011 11:33:47n/a
T35esJan 23 2013 12:20:26n/a
T3iuSep 15 2015 11:21:22n/a
T35uSep 15 2015 11:19:41n/a
T35u-R2Sep 15 2015 11:20:35n/a
T35689iuJun 08 2015 11:43:21n/a
T356789iuApr 27 2018 14:10:192.0.1
TDM1Nov 16 2015 13:04:26n/a
T3458isJun 15 2012 10:05:04n/a
T34589isSep 17 2012 15:22:39n/a
TDW1Sep 29 2011 13:39:38n/a
TD1Oct 24 2012 17:38:172.39
TD2May 02 2013 21:35:474.01
TD2uNov 28 2017 14:31:221.3.0
TD3n/a2.0.0

Call Sales

Need help immediately?
Call us at (844) 576-9354, or submit this form: