Ufed Reader For Mac
The UFED Phone Detective mobile app is a fast, easy way to view forensic extraction and decoding capabilities, as well as connectivity methods, for any mobile.
- UFED 4PC is Cellebrite’s software-based mobile forensic solution. It provides users a cost effective, flexible and convenient tool on their existing PC or laptop. UFED 4PC Ultimate is based on the same trusted UFED technology, enabling users to perform extraction, decoding, analysis and reporting on a single platform.
- UFED Touch is a new generation handheld unit that empowers law enforcement, military, intelligence, corporate security, and e-discovery personnel to capture critical forensic evidence from all mobile devices.
During the 1980s, most digital forensic investigations consisted of 'live analysis', examining digital media directly using non-specialist tools. In the 1990s, several freeware and other proprietary tools (both hardware and software) were created to allow investigations to take place without modifying media. This first set of tools mainly focused on computer forensics, although in recent years similar tools have evolved for the field of mobile device forensics.[1] This list includes notable examples of digital forensic tools.
Forensics-focused operating systems
Debian-based
- Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing, formerly known as BackTrack.[2]
- Parrot Security OS is a cloud-oriented GNU/Linux distribution based on Debian and designed to perform security and penetration tests, do forensic analysis, or act in anonymity. It uses the MATE Desktop Environment, Linux Kernel 4.6 or higher and it is available as a live lightweight installable ISO image for 32-bit, 64-bit and ARM processors with forensic options at boot, optimizations for programmers, and new custom pentesting tools.[citation needed]
Ubuntu-based
- CAINE Linux is an Ubuntu-based live CD/DVD. CAINE stands for Computer Aided INvestigative Environment.
- DEFT Zero is another (L)ubuntu-based live CD, but focused on cloning machines. DEFT stands for Digital Evidence & Forensic Toolkit.[3]
Gentoo-based
- Pentoo Penetration Testing Overlay and Livecd is a live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32-bit and 64-bit installable live cd. Pentoo also is available as an overlay for an existing Gentoo installation. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PAX hardening and extra patches – with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.[4]
Computer forensics
Name | Platform | License | Version | Description |
---|---|---|---|---|
Autopsy | Windows, macOS, Linux | GPL | 4.11 | A digital forensics platform and GUI to The Sleuth Kit |
AXIOM | Windows | proprietary | 3.1 | Full digital forensics suite created by Magnet Forensics. |
Belkasoft Evidence Center | Windows | proprietary | 9.5 | Digital forensics suite created by Belkasoft |
COFEE | Windows | proprietary | n/a | A suite of tools for Windows developed by Microsoft |
Digital Forensics Framework | Unix-like/Windows | GPL | 1.3 | Framework and user interfaces dedicated to Digital Forensics |
EPRB | Windows | proprietary | 1435 | Set of tools for encrypted systems & data decryption and password recovery |
EnCase | Windows | proprietary | 8.06.1 | Digital forensics suite created by Guidance Software |
Forensic Explorer | Windows | proprietary | 4.4.8.7926 | Digital forensics suite created by GetData |
FTK | Windows | proprietary | 6.0.1 | Multi-purpose tool, FTK is a court-cited digital investigations platform built for speed, stability and ease of use. |
Helix3 Pro | ? | proprietary | ? | Digital forensics suite created by e-fence |
ISEEK[5] | Windows | proprietary | 1 | Hybrid-forensics tool running only in memory - designed for large networked environments |
IsoBuster | Windows | proprietary | 4.1 | Essential light weight tool to inspect any type data carrier, supporting a wide range of file systems, with advanced export functionality. |
Netherlands Forensic Institute / Xiraf[6] / HANSKEN[7] | n/a | proprietary | n/a | Computer-forensic online service. |
Open Computer Forensics Architecture | Linux | LGPL/GPL | 2.3.0 | Computer forensics framework for CF-Lab environment |
OSForensics[8][9] | Windows | proprietary | 3.3 | Multi-purpose forensic tool |
Open Text | Windows | proprietary | 8.6 | Digital forensics suite created by Guidance Software |
PTK Forensics | LAMP | proprietary | 2.0 | GUI for The Sleuth Kit |
Rocket Cloud | Windows | proprietary | 2.0 | Digital forensics acquisition and case management platform created by Digital DNA Group |
SafeBack[10] | N/a | proprietary | 3.0 | Digital media (evidence) acquisition and backup |
SANS Investigative Forensics Toolkit - SIFT | Ubuntu | | 2.1 | Multi-purpose forensic operating system |
SPEKTOR Forensic Intelligence[11] | Unix-like | proprietary | 6.x | Easy to use, comprehensive forensic tool used worldwide by LE/Military/Agencies/Corporates - includes Rapid Imaging and fully automated analysis. |
The Coroner's Toolkit | Unix-like | IBM Public License | 1.19 | A suite of programs for Unix analysis |
The Sleuth Kit | Unix-like/Windows | IPL, CPL, GPL | 4.1.2 | A library of tools for both Unix and Windows |
UltimateForensics | Windows | proprietary | 1.1 | Forensic software for image/video search and analysis by means of matching visual content |
Windows To Go | n/a | proprietary | n/a | Bootable operating system |
X-Ways Forensics | Windows | proprietary | 19.6 | Integrated computer forensics environment created by X-Ways |
Image and video forensics
Name | Platform | License | Version | Description |
---|---|---|---|---|
Corepro | Windows | proprietary | 1.0.6 | Software tool for Computer Reversed Projection (e.g. height examinations) |
Impress | Windows | proprietary | 7.3.8 | Software toolbox for the forensic enhancement of images and video |
Mandet | Windows | proprietary | 1.0.8.2 | Software toolbox for the forensic authentication of images and video |
Memory forensics
Memory forensics tools are used to acquire or analyze a computer's volatile memory (RAM). They are often used in incident response situations to preserve evidence in memory that would be lost when a system is shut down, and to quickly detect stealthy malware by directly examining the operating system and other running software in memory.
Name | Vendor or sponsor | Platform | License |
---|---|---|---|
Belkasoft Evidence Center[citation needed] | Belkasoft | Windows | proprietary |
Belkasoft Live RAM Capturer[citation needed] | Belkasoft | Windows | free |
Volatility | Volatile Systems | Windows and Linux | free (GPL) |
WindowsSCOPE | BlueRISC | Windows | proprietary |
Mobile device forensics
Mobile forensics tools tend to consist of both a hardware and a software component. Because mobile phones come with a diverse range of connectors, the hardware devices support a number of different cables and perform the same role as a write blocker in computer devices.
Name | Platform | License | Version | Description |
---|---|---|---|---|
Belkasoft Evidence Center | Windows | proprietary | | Software product which supports mobile and computer forensics |
MicroSystemation XRY/XACT[12] | Windows | proprietary | | Hardware/Software package, specializes in deleted data |
Oxygen Forensics | ? | proprietary | ? | Digital forensics suite focused on mobile devices |
Software forensics
Software forensics is the science of analyzing software source code or binary code to determine whether intellectual property infringement or theft occurred. It is the centerpiece of lawsuits, trials, and settlements when companies are in dispute over issues involving software patents, copyrights, and trade secrets. Software forensics tools can compare code to determine correlation, a measure that can be used to guide a software forensics expert.
Other
Name | Platform | License | Version | Description |
---|---|---|---|---|
DECAF | Windows | free | n/a | Tool which automatically executes a set of user defined actions on detecting Microsoft's COFEE tool |
Evidence Eliminator | Windows | proprietary | 6.03 | Anti-forensics software, claims to delete files securely |
HashKeeper | Windows | free | n/a | Database application for storing file hash signatures |
MailXaminer | Windows | Perpetual | 4.9.0 | Specialized Email Forensics Tool |
References
- ^ Casey, Eoghan (2004). Digital Evidence and Computer Crime, Second Edition. Elsevier. ISBN 0-12-163104-4.
- ^ 'Kali Linux Has Been Released!'. 12 March 2013. Archived from the original on 9 May 2013. Retrieved 18 March 2013.
- ^ DEFT Zero
- ^ 'Pentoo 2015 – Security-Focused Livecd based on Gentoo'. Archived from the original on 1 July 2018. Retrieved 1 July 2018.
- ^ Adams, R., Mann, G., & Hobbs, V. (2017). ISEEK, a tool for high speed, concurrent, distributed forensic data acquisition. Paper presented in Valli, C. (Ed.). The Proceedings of 15th Australian Digital Forensics Conference 5–6 December 2017, Edith Cowan University, Perth, Australia. DOI 10.4225/75/5a838d3b1d27f
- ^ Bhoedjang, R; et al. (February 2012). 'Engineering an online computer forensic service'. Digital Investigations. 9 (2): 96–108. doi:10.1016/j.diin.2012.10.001.
- ^ Huijbregts, J (2015). 'Nieuwe forensische zoekmachine van NFI is 48 keer zo snel als voorganger'. Tweakers. Retrieved 11 September 2018.
  Named after the famous elephant Hansken, because of their tremendous memory
- ^ Nelson, Bill; Phillips, Amelia; Steuart, Christopher (2015). Guide to Computer Forensics and Investigations. Cengage Learning. pp. 363, 141, 439, 421, 223, 554, 260, 168, 225, 362. ISBN 978-1-285-06003-3.
- ^ 'OSForensics - Digital investigation for a new era by PassMark Software®'. osforensics.com.
- ^ Mohay, George M. (2003). Computer and intrusion forensics. Artechhouse. p. 395. ISBN 1-58053-369-8.
- ^ Dell Corporation (2012-07-13). 'SPEKTOR Mobile Digital Forensics Intelligence Solution' (PDF).
- ^ Mislan, Richard (2010). 'Creating laboratories for undergraduate courses in mobile phone forensics'. Proceedings of the 2010 ACM conference on Information technology education. ACM: 111–116. Retrieved 29 November 2010.
  Among the most popular tools are products named MicroSystemation GSM .XRY and .XACT, Cellebrite UFED, Susteen Secure View2, Paraben Device Seizure, Radio Tactics Aceso, Oxygen Phone Manager, and Compelson MobilEdit Forensic
 | Private |
---|---|
Industry | • High tech • Telecommunication (cellular phones) • Data extraction |
Founded | 1999; 20 years ago, Petah Tikva, Israel |
Founder | Avi Yablonka, Yaron Baratz, Yuval Aflalo |
Headquarters | , |
Number of locations | 6 Main Offices (2017) |
 | Worldwide |
Key people | • Ron Serber (Co-CEO) • Yossi Carmil (Co-CEO) • James Grady (CEO, Cellebrite USA) • Axel Kettenring (CEO, Cellebrite GmbH) |
Products | • Universal Memory Exchanger (UME) • Universal Forensic Extraction Device (UFED) |
Services | • Phone-to-phone content transfer and backup • Mobile device forensics |
 | +400 (2017) |
Parent | Sun Corporation |
Divisions | • Cellebrite (Digital Intelligence) • Mobilogy (Commercial & Retailers, Mobile Life Cycle) |
Website | www.cellebrite.com, www.mobilogy.com |
Cellebrite Mobile Synchronization is an Israeli company that manufactures data extraction, transfer and analysis devices for cellular phones and mobile devices. The company is a subsidiary of Japan's Sun Corporation.
Overview
Cellebrite is headquartered in Petah Tikva, Israel. Its two subsidiary companies, Cellebrite USA Corp. and Cellebrite GmbH are respectively based in Parsippany, New Jersey, US, and Munich, Germany. Cellebrite is a fully owned subsidiary of Sun Corporation, a publicly traded company listed on JASDAQ (6736/JQ) based in Nagoya, Japan.
In 2017, Cellebrite's Mobile Lifecycle division was rebranded as Mobilogy.[1]
Mobilogy produces hardware and software for phone-to-phone data transfer, backup, mobile applications electronic software distribution, and data analysis tools. Mobilogy products are used by various mobile operators, and are deployed in wireless retail points of sale. Mobilogy works with handset manufacturers to ensure compatibility[clarification needed] before devices are released to the public.[2]
Cellebrite's Mobile Forensics division was established in 2007 and produces software and hardware for mobile forensics purposes used by federal, state, and local law enforcement; intelligence agencies; military branches; corporate security and investigations; law firms; and private digital forensic examiners.[2]
History
Cellebrite was established in Israel in 1999 by Avi Yablonka, Yaron Baratz and Yuval Aflalo.[citation needed]
Ron Serber joined Cellebrite in December 2000 as VP R&D, and Yossi Carmil joined in August 2004 as CEO; the two later came to share the CEO title and now serve as co-CEOs.
Cellebrite's first manufactured hardware and software offered phone-to-phone data transfer devices with contact synchronization and content transfer tools for mobile phones, intended for use by wireless carrier sales and support staff in retail stores.
Initially, Cellebrite's commercial products were used as a tool for migration from IS-95 (CDMA) enabled mobile phones to the GSM standard. Later, Cellebrite Wireless Carriers & Retailers' Universal Memory Exchanger (UME) gained additional data extraction and transfer capabilities, as well as additional mobile phone diagnostics, backup, and application management and delivery.
In 2007 Cellebrite established an independent division targeted at the mobile forensics industry. Cellebrite's Mobile Forensics introduced mobile forensics products in 2007 under the family brand name 'Universal Forensic Extraction Device' (UFED), with the ability to extract both physical and logical data from mobile devices such as cellular phones and other hand-held mobile devices, including the ability to recover deleted data and decipher encrypted and password protected information.
Also in 2007, Cellebrite was acquired by FutureDial Incorporated and one of its major shareholders, Sun Corporation in Japan.[3] Today it is a fully owned subsidiary of Sun Corporation.
Law enforcement assistance
In April 2011, the Michigan chapter of the American Civil Liberties Union questioned whether Michigan State Police (MSP) troopers were using Cellebrite UFEDs to conduct unlawful searches of citizens' cell phones.[4] Following its refusal to grant the MCLU's 2008 Freedom of Information Act request unless the organization paid $544,000 to retrieve the reports, MSP issued a statement claiming that it honored the Fourth Amendment in searching mobile devices.[5]
In March 2016, it was reported that Cellebrite offered to unlock an iPhone involved in the FBI–Apple encryption dispute.[6] Later, after the FBI announced it had successfully accessed the iPhone thanks to a third party, a press report claimed Cellebrite had assisted with unlocking the device,[7] which an FBI source denied.[8]
A 2017 data dump suggests Cellebrite sold its data extraction products to Turkey, the United Arab Emirates and Russia.[9]
Products
Cellebrite wireless carriers and retailers
For the mobile retail industry, Cellebrite provides gadgets for phone-to-phone content management and transfer, used primarily as a stand-alone device at the point of sale, and electronic software distribution, content backup and management used primarily through over-the-air programming.
The Cellebrite Universal Memory Exchanger (UME) is a standalone phone-to-phone memory transfer and backup machine. It transfers content including pictures, videos, ringtones, SMS, and phone book contact data. The Cellebrite UME Touch and its predecessor, the UME-36, can intermediate information between a range of mobile phones, smartphones and PDAs, and support all mobile operating systems, including Symbian, Windows Mobile, Palm, BlackBerry, iOS and Android.[10]
Cellebrite's UME standalone device acts as a universal data channel between two mobile devices. It extracts, reads and parses data from a source mobile device and transfers it on-the-fly to a target device without storing any data on the UME device itself. The UME can automatically determine the types of phones which are connected to it and can re-structure the data on the fly according to the source and target phone's storage formats and data fields.
In addition to its Apploader and Device Analytics tools, in May 2012 Cellebrite introduced several new retail products and services, including a POS diagnostics tool, a cell phone buy-back program integration with its UME Touch, and a self-service point.[11]
Mobile forensics products
In 2007, Cellebrite announced a line of products it called 'Universal Forensic Extraction Device' (UFED), aimed at the digital forensics and investigation industry. The UFED system is a hand-held device with optional desktop software, data cables, adapters and other peripherals. The UFED additionally has an integrated Subscriber Identity Module (SIM) reader.
Unlike its commercial counterpart, the UME, the UFED system is sold only to approved[clarification needed] government and corporate organizations.[12] Also unlike the UME, the UFED extracts mobile device data directly onto an SD card or USB flash drive. Another major difference from the UME is the UFED's ability to break codes, decipher encrypted information, and acquire hidden and deleted data.
The UFED has been named 'Phone Forensic Hardware Tool of the Year' for four years running in the Forensic 4cast Awards.[13]
Cellebrite claims the UFED has the ability to extract data from nearly 8,200 devices as of June 2012.[14] These include smartphones, PDA devices, cell phones, GPS devices and tablet computers. The UFED can extract, decrypt, parse and analyze phonebook contacts, all types of multimedia content, SMS and MMS messages, call logs, electronic serial numbers (ESN), International Mobile Equipment Identity (IMEI) and SIM location information from both non-volatile memory and volatile storage alike.[15] The UFED supports all cellular protocols including CDMA, GSM, IDEN, and TDMA, and can also interface with different operating systems' file systems such as iOS, Android OS, BlackBerry, Symbian, Windows Mobile and Palm as well as legacy and feature cell phones' operating systems.
The UFED enables the retrieval of subject data via logical ('what you see is what you get'), file system (e.g., directories and files), or physical extractions (i.e., a hex dump: a bit-for-bit copy of a mobile device's entire storage). Physical extraction enables it to recover deleted information, decipher encrypted data, and acquire information from password-protected mobile applications such as Facebook, Skype, WhatsApp and browser-saved passwords. The UFED's physical extraction functionality can also overcome devices' password locks, as well as SIM PIN numbers.[citation needed]
Forensic breakthroughs
Cellebrite claims to have been the first in the mobile forensics industry to have achieved a number of smartphone forensic breakthroughs. These include physical extraction and decoding of BlackBerry flash memory (going beyond mass storage or IPD backups), Android user/pattern lock bypass for physical extraction and decoding, physical extraction from phones with Chinese chipsets (including MediaTek and Spreadtrum), TomTom GPS trip-log decryption and decoding, iOS device unlocking, and other research and development.
Forensic data integrity
Cellebrite claims to maintain the integrity of digital evidence:
- All cable connectors from subject (source) side act as a write blocker, being read-only via the onboard hardware chipset.
- Although a Faraday shielded bag, included in all ruggedized UFED kits, blocks external electromagnetic fields and wireless radio signals, the UFED has a SIM card cloning capability which also isolates the phone from the wireless network.
- Read-only boot loaders keep data from being altered or deleted during a physical extraction.
Data breach
On 12 January 2017 it was reported that an unknown hacker had acquired 900 GB worth of confidential data from Cellebrite's external servers. The data dump includes alleged usernames and passwords for logging into Cellebrite databases connected to the company's my.cellebrite domain, and also contains what appear to be evidence files from seized mobile phones, and logs from Cellebrite devices.[16]
The data suggests Cellebrite sold its data extraction products to countries such as Turkey, the United Arab Emirates and Russia.[9]
References
- ^ 'Mobilogy Rebrand Press Release' (PDF).
- ^ a b 'Cellebrite Customers'. Retrieved April 9, 2017.
- ^ 'FutureDial and Sun Corporation Acquire Cellebrite'. ThomasNet. Retrieved July 19, 2012.
- ^ Sullivan, Bob. 'Gadget gives cops quick access to cell phone data'. MSNBC. Archived from the original on April 23, 2011. Retrieved April 21, 2011.
- ^ Heussner, Ki Mae. 'Michigan Police Use Device to Download Cellphone Data; ACLU Objects'. ABC News. Retrieved June 8, 2012.
- ^ 'San Bernardino shooting: Israeli company is helping the FBI, reports say'. The Press-Enterprise. March 23, 2016. Retrieved March 23, 2016.
- ^ Benmeleh, Yaacov. 'FBI Worked With Israel's Cellebrite to Crack iPhone'. Bloomberg News. Retrieved April 1, 2016.
- ^ 'FBI's Comey, officials discount two iPhone hack theories'. USA TODAY. Retrieved April 1, 2016.
- ^ a b Cox, Joseph (January 12, 2017). 'Cellebrite Sold Phone Hacking Tech to Repressive Regimes, Data Suggests'. Motherboard. Retrieved July 3, 2017.
- ^ 'Data Transfer, Backup and Restore'. Cellebrite. Archived from the original on June 8, 2012. Retrieved July 19, 2012.
- ^ 'Cellebrite Empowers Retailers With New Point-of-Sale Tools at CTIA 2012'. MarketWatch. Retrieved June 15, 2012.
- ^ Osborne, Charlie. 'For investigators, a better way to extract data from mobile devices'. SmartPlanet.com. Retrieved July 19, 2012.
- ^ Whitfield, Lee. 'Forensic 4cast Awards 2012 – Results'. Retrieved July 19, 2012.
- ^ 'UFED 1.2.0.0 Release Notes' (PDF). Cellebrite. Archived from the original (PDF) on September 13, 2012. Retrieved July 19, 2012.
- ^ Hoog, Andrew. 'Chapter 3. Cellebrite UFED'. viaForensics. Archived from the original on June 20, 2013. Retrieved June 8, 2012.
- ^ 'Hacker Steals 900 GB of Cellebrite Data'. Motherboard.