±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36296
New Yesterday: 2 Visitors: 155

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Cellebrite PA supports Remote Desktop Access

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page 1, 2, 3, 4  Next 
  

ErminM
Member
 

Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 26, 19 19:30

As long as one pays additional $500USD per year for the "advanced functionality".

The support will suggest to use "alternative ways to remote connect" to go around the additional cost but I will not modify environment for one program with arbitrary restrictions.

Which gets me to the question...

We have Axiom and Touch 2 with PA currently.

If we do not renew Cellebrite this time around, what is the best mobile forensic package to compliment Axiom?
We do not need to break into the phones and it is all recent Android and iOS devices.

Frankly, I find the $500USD for RDP insulting and I would rather support vendor that is not going to prevent me working from home and respects my time and the demands that my workflow presents.


Thanks for any suggestions!

Ermin  
 
  

AmNe5iA
Senior Member
 

Re: Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 26, 19 22:17

How do you use Touch 2 via RDP from home anyway? How do you plug the phones and USBs in? Some extractions require you swap back and forth using different cables. You drive to work plug the phone in, return home, start extraction. Cellebrite tells you to swap the cable (or press buttons on the device or even just instruct the device to trust the computer its connected to) so you then drive back to work. etc etc  
 
  

ErminM
Member
 

Re: Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 27, 19 19:22

This is about the use of UFED Physical Analyzer, the Cellebrite software that is being used to process and analyze the data after the extraction.

Touch 2 I would not expect to use remotely and it certainly does not work with other remote access programs.
On a side note, iOS devices are not acquired on Touch 2 device but on PC running PA.


To clarify things. Imagine that you have one day a week when you work from home. Or deadline and you want to work in the evening or the weekend.

You connect to work and start Encase or X-ways or Axiom or Blacklight etc and your software works same as it does when you are in the office.

Now you remember that you need evidence from the mobile device and UFED PA refuses to load.
No Sir, you must go to office to get that data. Your child is sick and you have phone evidence to review, sorry can't work from home. Unless you load that evidence in AXIOM, the software that does not care that you are at home.

Or to look at it from another perspective, imagine if all other vendors asked for extra $500 to allow their software to be accessed by people working from home.

Cellebrite would advise you to install something, anything else except remote desktop and it would be fine.
They would rather let you introduce third party remote access software and face potential security issues than be like any other vendor we use.

And when they finally decide that RDP blocking is not necessary, they want extra $500 to remove the block they imposed in the first place.

I find that as injury after the insult and I think I will give my money elsewhere this time around.
I just need to know where as I have been Cellebrite customer for a long time.

Cheers!

Ermin  
 
  

AmNe5iA
Senior Member
 

Re: Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 28, 19 09:38

Yeah, that does sound like BS but I'd be tempted to just install another remote desktop tool rather than pay Cellebrite. It does increase your attack surface slightly but you can reduce that a little by disabling RDP. You won't be using RDP afterwards anyway...  
 
  

XRY_Mike
Member
 

Re: Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 28, 19 10:25

If you have decided to seek a suitable alternative - I would propose XRY & XAMN from MSAB.

(Bias alert - I work for MSAB)

I can assure you that you would have no problem using RDP to access the extractions in XAMN remotely from home if you need to. We can set you up with a 30 day trial for free, so you can establish that for yourself if you want to test it out.

We play nicely with other tools like Axiom and there are plenty of interoperability export formats. We can also ingest your existing UFDR file formats into XAMN for analysis if you prefer.

Mike  
 
  

jaclaz
Senior Member
 

Re: Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 28, 19 11:37

Surely I am too old for this stuff Sad , but the sheer idea of leaving a computer containing evidence/sensible material switched on, unattended, connected to the Internet and available to RDP (or similar) is sending shivers through my spine Shocked .

Of course no hacker is ever going to try and connect to it (very little fish in the very large swarm/shoal theory) until he/she does.

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

polar
Member
 

Re: Cellebrite PA supports Remote Desktop Access

Post Posted: Nov 28, 19 12:45

- jaclaz
Surely I am too old for this stuff Sad , but the sheer idea of leaving a computer containing evidence/sensible material switched on, unattended, connected to the Internet and available to RDP (or similar) is sending shivers through my spine Shocked .

Hear hear.  
 

Page 1 of 4
Page 1, 2, 3, 4  Next