Cellebrite’s UFED, a Must for Forensic Investigators!

Thursday, April 19th, 2012

The digitalization has transformed the criminal enterprise to a high tech, stealthy, global organization. Identity theft, money laundering, fraud, theft of intellectual property, etc., are a few to add in a long list of crimes happening in web 2.0. Imagine if your friend is charged with money laundering which he/she is not committed. What if you could show electronic evidence that proves his/her innocence! Sounds interesting? Cellebrite’s UFED, a mobile forensic devise, gives investigators all the tools necessary to do job efficiently, with a full complement of accessories, cables, card readers and much more, plus powerful analyzing, extraction & reporting software that can be run from any PC.

With a rapid change in technology and advanced mobile devices, BlackBerrys, Androids, iPhones are some of the smart phone we use on daily basis to take photographs,send texts and emails, update Facebook, consult maps, search the web, and the list goes on. As we do this, however, our mobile devices often are quietly making records and generating evidence of all these activities. For better or for worse, this makes mobile devices perhaps the richest source of evidence about the people that use them.

However, one of the major issues is that, because the mobile device industry is still at nascent stage, a multitude of different operating systems, communications protocols, and data storage methods are in use, and more are being developed every day such as Apple’s iOS, Google’s Android, BlackBerry OS, Microsoft’s Windows Mobile, HP’s webOS, Nokia’s Symbian OS, and many others. What is the best solution then? Cellebrite’s UFED!


Why Cellebrite’s UFED?

A few exceptional and analyzing capabilities of the Cellebrite UFED standalone mobile forensic device:

  • Portable, fast and easy to operate, facilitates a truly untethered operation even in the most remote locations.
  • Performs physical, logical, user password and file system extractions.
  • IOS physical extraction, decoding & real-time decryption.
  • Gives access to internal application data.
  • Data extraction of hidden, existing and deleted data.
  • Android & GPS devices extraction and decoding.
  • Blackberry decoding.
  • Phone internal data including IMSI history, past SIM cards used, past user lock code history

In short, Cellebrite’s UFED is designed specifically for forensic investigators. Its best used for retrieving data ( deleted and non-deleted) from mobile phones, as the UFED forensic system empowers law enforcement, computer crime and investigations to capture critical forensic data and much more. The best part is it covers all major mobile OS: IOS, Android, BlackBerry, Symbian, Windows Mobile and Palm.

E-Forensics Supports Your Ongoing Investigation by Capturing The Legal Defensible Data

Thursday, June 12th, 2008

E-Forensics is the application of electronic investigation, which has the capabilities of recovering data or visible to the user in legal proceedings. The deleted files often contain the Electronic files that do not show up which is important to your case, but identifying the deleted files plays the key role in e-forensic.

The latest technology of e-forensics makes sure that the information is legally justifiable by maintaining a proper document chain of custody, identifying the electronic data capturing methods and gain the knowledge of latest technologies used in e-forensics.

Electronic discovery is the process of extracting data from electronic documents that contains electronic data such as e-mail, word processing files, accounting files ,spread sheets, presentation files, databases, CAD and some form of computer records stored, where the CPU caches are generally managed by hard drives which includes cache memory, magnetic disks, optical disks such as DVD’S,CD’S. Often such information or data that is recorded on any type of electronic media has the possibility of discovery of data in the claim, which can be shown as evidence.

E-forensic applies special scientific methods to determine the scope and presence of information contained on digital media. E-forensic differs from electronic discovery and is used only in case of potential crime involved. The data that is not accessible by the user which includes information such as deleted files, hidden files, web based files, password protected files and special devices such as ipods, Mp3 player’s, storage area network and cellphones can also be discovered with E-forensics

Capturing electronic media forensically:

The original media is copied using specific capture applications with features so that there are no changes made to the original one. Security Hash algorithms are provided to take initial measurement of each file. A form of digital finger print is applied before and after processing activities to prove whether the file is changed or not during processing. Most common types of hash algorithms use MD5 (128 bit algorithm) and SHA1 (160 bit algorithm) which is primarily used in computer forensics.

There are two methods to copy the process: Bit-by-Bit copy and Forensic image.

* Bit-by-Bit Copy: To make the exact copy of the device, each specific byte in the device is copied to the new device and the write blocker software or hardware is utilized to prevent any changes to the data. This creates the exact copy that requires no manipulation of the data to recreate the original media.

* Forensic Image: All the files on original media are contained inside the forensic image file, where it contains a wrapper which protects the files. To create this image file special software is required and this cannot be altered without the change of hash algorithm. In addition a cross validation test is performed to validate the process.

By this process of capturing the data, e-forensic tool provides a solution to the individuals, government agencies and private industry in tracking the things by this scientific equipment tool which provides the required analyzes and interpretation to a court. www.DataTriage.com is the best e-forensic service expert providing the cost effective approach to support ongoing investigation.