UFED Touch Ultimate
May 20, 2013
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: This device is easy to use, fast, portable and powerful
- Weaknesses: A bit pricey for smaller organisations. Could use a direct export to a media forensic format, such as dd
- Verdict: This device for mobile forensics is unsurpassed for use in the field. For mobile device forensics we designate this Recommended
Cellebrite's UFED Touch Ultimate is a fully equipped mobile forensic tool that enables quick and easy data acquisition from more than 8,000 mobile devices, including not only mobile phones, but handheld GPS units, tablets and other mobile platforms. The list of supported devices is constantly growing (and posted on Cellebrite's website).
It cannot only take data from phones, but also directly from a SIM card. This system allows the user to attach the device being examined and quickly extract data by either selecting the device or allowing the system to auto-detect it.
When we received our UFED Touch Ultimate, we were able to power it on right away and the familiar Windows XP splash screen is engaged. The UFED Touch program is automatically configured with the XP OS. The main menu is straightforward, giving the choice to perform logical and physical extractions, as well as SIM extracting and copying. Another feature is the ability to extract passwords from mobile devices.
The device comes with powerful and easy-to-use analytic software that generates full forensic reports. It has the ability to carve images from physical, as well as logical extractions. The extent of the data recovery available may be limited based on the mobile device being examined. Some units, such as iOS devices, do not keep deleted artefacts, as do many lower quality phones. For many phones, the tool can bypass or extract passwords or pins.
While UFED Touch Ultimate has a fair number of export formats - e.g., formats that allow link analysis - it does not export directly in a media forensic format - e.g., e01, dd and more. That makes it simple to add data to a computer/media forensic case analysis. That limitation does not however, detract from its power in the field, its ease of use and speed of extraction. As a field tool, UFED Touch Ultimate is unsurpassed.
The solution has a long battery life and can charge from the 12-volt adapter in a car, as well as AC wall power. The availability of a mobile charge is one of the many features that make this unit ready for field use. It comes with a rugged rubber case protecting it from any potential physical harm. The case also comfortably holds all the necessary peripherals. When doing mobile extractions to the included USB flash drive, we experienced logical extraction times ranging from two to 15 minutes depending on the device being examined. For a physical extraction, the times ranged from 20 to 45 minutes. In both cases, the battery life of the unit had plenty of juice to spare after taking images of the phones.
This package of hardware and software could go for far above its listed price point. Having one tool that can extract data as easily and efficiently as does UFED Touch Ultimate is an advantage to any forensic team. Allowing this technology to be as portable as this extends its functionality and practicality. The portability of the device is what we believe will make it the most essential tool in any mobile forensic teams' kit.
All in all, UFED Touch Ultimate is an essential device for mobile forensics in the field. It is well worth the cost.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry