Cellebrite UFED Ultimate

Powered by SC Magazine
 

Cellebrite UFED Ultimate is a forensic tool for gathering information from portable devices, such as cell phones, tablets, PDAs, memory sticks, standalone GPS devices and USB drives.

It contains more than 100 different cables to fit almost any phone, GPS or tablet. The system is also capable of supporting more than 7,700 tested devices and regularly updates its list. Additionally, UFED supports more than 3,000 knock-off phones. UFED comes in a heavy-duty carrying case clearly intended for field use. The product can auto-detect a large number of different devices. Once an apparatus is detected, UFED dumps the contents of it onto a USB drive or connected PC. The PC has a reporting application, available at no additional cost, that formats the dumped assets into a useful report. 

We received our UFED and after charging the battery the product started right up and offered the choice of selecting a device to test, either manually or by auto-detect. Once a phone or other device is connected and recognized, a cable number is displayed to check whether the correct device and cable are selected. To avoid common user errors and to ensure fast and easy information dumping, UFED provides specific instructions for each device. USB and serial cable types are supported and cables are well-organized to avoid tangling, making it easy to find a specific cable.

Because UFED is used in the field, it is possible that a mobile device will have an uncharged battery, so the product comes with a battery-based charger. The testable devices dictate what data is available to UFED. Typically, some older phones and Android devices can cause difficulty. Also, not all mobile devices retain artifacts of deleted data and, therefore, such data may not be recoverable.

We tested several phones with mixed results, which were fully dependent on the device. Smartphones, such as the BlackBerry Bold that we tested, provide a great deal of information. Older phones require that users remove the SIM card and test it separately. The product offers a significant amount of flexibility, but like many forensic tools, we recommend that users become familiar with its strengths to experience its full potential.
UFED excels at providing a quick forensic dump and creating comprehensive reports. The conveniently sized hand-held tool is comfortable to hold and we liked its intuitive user interface. UFED's real strength as a field kit is its ability to process many mobile devices in a short amount of time. We wish, though, that it had the ability to dump files in an automatic, full forensic investigation. However, we believe the portability, speed and ease of use make up for this. 

Support comes at no additional cost. The website is a work in progress, with a knowledge base planned for the near future. UFED is a bit pricey, but if one is processing large numbers of mobile devices, it will soon pay for itself. The device contains an excellent help menu, allowing users to diagnose problems before contacting support. This product is the easiest-to-use forensic tool for mobile devices we have seen, which translates into efficiency.

Copyright © SC Magazine, US edition


Cellebrite UFED Ultimate
 
:
Overall Rating
Verdict:
This can be expensive, but is worth the cost when processing large numbers of mobile devices. It’s excellent for field work and is fast and easy to use. We designate it our Best Buy.
Product Info
Supplier:
 
 
 
 
Top Stories
CIO exits as Coles steps up offshoring
Updated: Engages Accenture in Manila; staff to learn of their fate today.
 
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 785

Vote