The latest release of UFED Physical/Logical Analyzer (depending on your license) includes new features that respond to a variety of user needs.
First, you can now generate reports in multiple formats for several projects in a single step. Useful for case agents who must supply supervisors, intelligence analysts, translators, and others with the data they extract, this new feature saves time. Simply select the data and the required report formats (e.g. Word, PDF, UFDR etc.), and click “Finish.” This feature is supported in UFED Physical/Logical Analyzer and UFED Reader.
Another new time-saving feature is that you can now open your project in UFED Link Analysis directly from the UFED Physical Analyzer/Logical Analyzer and UFED Reader. If you’re a current UFED Physical/Logical Analyzer user, get a free UFED Link Analysis trial today with your UFED Physical/Logical Analyzer update. The trial will remain active till February 1.
Export SMS and MMS events to EML format directly from the analyzed data table. This is useful for showing all written communications – text messages and emails – together in a single timeline, when imported into third-party applications that support EML files. Each SMS and MMS message gets its own EML file.
Decoding: Devices and data types
Decode new and enhanced data types from various smartphone operating systems. Now supported for BlackBerry devices is the ability to view power-offs. This can be an important indicator of criminal activity; suspects are known to turn off their devices when trying to avoid either real-time detection, or leaving after-the-fact evidence of their travels. If an extraction reveals power-offs you wouldn’t expect during, say, waking hours, or during the subject’s normal patterns of life, that may offer new lines of inquiry for your investigation.
To view the powering log for a BlackBerry device, run the BlackBerry event log plug-in after the chain has been executed. View the data in the “Powering Events” table under “Analyzed Data” or as part of the Timeline.
UFED Physical/Logical Analyzer 3.9 also shows iOS and Android application permissions. Unsafe apps – those infected by malware, or not secured – can give the app permission to view contacts, text messages and other content without a user necessarily knowing it. This may be valuable in cases where a victim isn’t sure how private information was divulged. Find access permission data in the “Installed Applications” table (also available in the right pane).
Decoding support for physical extraction has also been added for 145 devices, including 118 Android devices; for file system extraction for 126 devices, including 97 Android devices; and for feature Samsung GSM and CDMA and LG CDMA devices. The new update also includes application support for the iOS apps Passbook, Wickr, and vBrowse; and Android apps Outlook.com, Google Maps and a new KakaoTalk version with encrypted data.
Find tethering information, iOS 7.0.x keychain decryption, Android data carving, various performance and functionality improvements, and many other features in UFED Physical Analyzer 3.9. If you’re not a current customer, take advantage of your free 30-day trial by clicking the below image: