Industry-first: Forensically sound, full file system extraction with Cellebrite Responder

Version7.28.2  |  Cellebrite Responder  |  January 21, 2020

To take full advantage of the checkm8 exploit, investigative teams need an easy to use, all-in-one solution, that expedites the extraction flow, while maintaining the forensic soundness of the data. 

With data integrity and the time-sensitive schedules of users in mind, Cellebrite is excited to introduce a first-to-market solution that fully integrates checkm8, using a forensically sound, non-persistent jailbreak in RAM. This game-changer allows forensic examiners to perform a full file system extraction from unlocked iOS devices, without risking changes to the file system, and all within a single tool.  

This capability is available to all users of Cellebrite Responder, across the different platforms and regardless of the license type. 

For information about the supported devices and to learn more about the checkm8 capability, read our blog “A practical guide to checkm8“.

 

App and decoding support:

Cellebrite Responder 7.28.2 expands decoding support across several leading iOS and Android apps, exposing much more data that can help to maximize your investigative efforts.

  1. First-time decoding support for devices running the KaiOS operating system.

  2. Wickr App on Android – Decryption and decoding support for the latest versions of the encrypted Wickr app running on devices with the latest Android versions.

  3. WhatsApp message forwarding feature on iOS & Android devices – Forwarded messages are indicated with a label (in the reports) helping you identify that this message originated somewhere else and was forwarded to this recipient.

  4. Find My app for iOS devices – Recover more locations data from the Find My app for iOS devices.

  5. 105 updated applications – Support for 105 new app versions for iOS and Android devices.