Cellebrite UFED Ultimate

Powered by SC Magazine
 

Cellebrite UFED Ultimate is a forensic tool for gathering information from portable devices, such as cell phones, tablets, PDAs, memory sticks, standalone GPS devices and USB drives.

It contains more than 100 different cables to fit almost any phone, GPS or tablet. The system is also capable of supporting more than 7,700 tested devices and regularly updates its list. Additionally, UFED supports more than 3,000 knock-off phones. UFED comes in a heavy-duty carrying case clearly intended for field use. The product can auto-detect a large number of different devices. Once an apparatus is detected, UFED dumps the contents of it onto a USB drive or connected PC. The PC has a reporting application, available at no additional cost, that formats the dumped assets into a useful report. 

We received our UFED and after charging the battery the product started right up and offered the choice of selecting a device to test, either manually or by auto-detect. Once a phone or other device is connected and recognized, a cable number is displayed to check whether the correct device and cable are selected. To avoid common user errors and to ensure fast and easy information dumping, UFED provides specific instructions for each device. USB and serial cable types are supported and cables are well-organized to avoid tangling, making it easy to find a specific cable.

Because UFED is used in the field, it is possible that a mobile device will have an uncharged battery, so the product comes with a battery-based charger. The testable devices dictate what data is available to UFED. Typically, some older phones and Android devices can cause difficulty. Also, not all mobile devices retain artifacts of deleted data and, therefore, such data may not be recoverable.

We tested several phones with mixed results, which were fully dependent on the device. Smartphones, such as the BlackBerry Bold that we tested, provide a great deal of information. Older phones require that users remove the SIM card and test it separately. The product offers a significant amount of flexibility, but like many forensic tools, we recommend that users become familiar with its strengths to experience its full potential.
UFED excels at providing a quick forensic dump and creating comprehensive reports. The conveniently sized hand-held tool is comfortable to hold and we liked its intuitive user interface. UFED's real strength as a field kit is its ability to process many mobile devices in a short amount of time. We wish, though, that it had the ability to dump files in an automatic, full forensic investigation. However, we believe the portability, speed and ease of use make up for this. 

Support comes at no additional cost. The website is a work in progress, with a knowledge base planned for the near future. UFED is a bit pricey, but if one is processing large numbers of mobile devices, it will soon pay for itself. The device contains an excellent help menu, allowing users to diagnose problems before contacting support. This product is the easiest-to-use forensic tool for mobile devices we have seen, which translates into efficiency.

Copyright © SC Magazine, US edition


Cellebrite UFED Ultimate
 
:
Overall Rating
Verdict:
This can be expensive, but is worth the cost when processing large numbers of mobile devices. It’s excellent for field work and is fast and easy to use. We designate it our Best Buy.
Product Info
Supplier:
 
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 339

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 143

Vote