"In a time of universal deceit telling the truth is a revolutionary act." -George Orwell

Carrier IQ Is Watching You – Secret App On Millions Of Phones Logs Key Taps, Geographic Locations & Received Messages Of Users

In Uncategorized on December 2, 2011 at 2:04 pm

Oldspeak:“So apparently it’s not just iPhones that keep a secret record of your movements. Surveillance companies can use your iPhone to take photos of you and your surroundings without your knowledge. If you use an Apple, Android, BlackBerry, or Nokia smartphone then you may be at risk of being illegally wire-tapped by Carrier IQ. Carrier IQ’s “mobile intelligence platform”, currently on at least 150 million devices surreptitiously records keystrokes, SMS messages, and internet search topics. Without your knowledge or consent. It can’t be turned off or opted out of. It’s always running even, when your phone’s screen is off. The ostensible reason given for this spyware on your phone is it is “a diagnostic tool designed to give network carriers and device manufacturers detailed information about the causes of dropped calls and other performance issues.” –Carrier IQ VP of Marketing Andrew Coward I’m not sure what your private information  has to do with dropped calls and performance. But if it’s simply a ‘diagnostic tool’ Why is its purpose not explicitly delineated? Why is it not accessible to users? Why is there no privacy policy as there is with every other app? These troubling questions remain unanswered by Carrier IQ? But more people are beginning to ask questions. “Without controls on this industry, the threat that surveillance poses to freedom on expression and human rights in general is only going to increase.” –Steven Murdoch of Cambridge Security Group “Ignorance Is Strength”

Related Video:

Related Stories:

Does your smartphone run Carrier IQ? Find out here

Secret app on millions of phones logs key taps

By James Mulroy @ PC World:

If you use an Android, BlackBerry, or Nokia smartphone then you may be at risk of being illegally wire-tapped by Carrier IQ–a provider of performance monitoring software for smartphones–according to reports.

Earlier this month, security researcher Trevor Eckhart announced that he found software made by Carrier IQ that may be logging your every move on your mobile phone. Trevor referred to it as a “rootkit“, a piece of software that hides itself while utilizing privileged access like watching your every move. Carrier IQ didn’t take too kindly to this accusation, and responded aggressively with acease-and-desist letter, and went on to deny this accusation. However, to further back his accusation, Eckhart released a video that he says shows the software in action.

In the video, Eckhart navigates to a list of running applications on his phone, and he found that the application IQRD–made by Carrier IQ–was not shown. However, when he searched all of the applications on the device, Eckhart discovered that IQRD showed up with the option to force stop it; therefore, he determined that the app must have been running. However, when he tried to stop the application, the force stop function did absolutely nothing. Additionally, this application always runs when the device is started, according to his research.

After connecting his HTC device to his computer, Trevor found that IQRD is secretly logging every single button that he taps on the phone–even on the touchscreen number pad. IQRD is also shown to be logging text messages.

In the video, Eckhart shows that Carrier IQ is also logging Web searches. While this doesn’t sound all that bad by itself, it suggests that Carrier IQ is logging what happens during an HTTPS connection which is supposed to be encrypted information. Additionally, it can do this over a Wi-Fi connection with no 3G, so even if your phone service is disconnected, IQRD still logs the information.

Wired goes on to say that the application “cannot be turned off without rooting the phone and replacing the operating system.”

While Eckhart tested his accusation on an HTC device it is likely that Carrier IQ is logging information on millions of more devices. According to Carrier IQ (pdf)”Carrier IQ’s Mobile Intelligence platform is currently deployed with more than 150 million devices worldwide.”

While Carrier IQ has since backed off and apologized for its aggressive legal action against Eckhart, this isn’t the end of the story for Carrier IQ. Paul Ohm, a former Justice Department prosecutor and professor at the University of Colorado Law School, told Forbes that this isn’t just creepy, but it’s also likely grounds for a class action lawsuit, citing a federal wiretapping law.

Make sure to check out the video below to see what Trevor discovered.

 

Update, Nov 30, 2011: iOS jailbreak developer Grant Paul (AKA chpwn) points out on Twitter that earlier versions of iOS appear to have included Carrier IQ. And Erica Sadum of The Unofficial Apple Weblog (TUAW) notes that iOS 5 makes references to Carrier IQ as well. In the TUAW post, Erica analyzes the Carrier IQ references and concludes that Carrier IQ in iOS 5 doesn’t appear to be collecting much data–if any at all (i.e. it may need to be explicitly turned on). Read her story for the full details.

Update 2: The Verge claims that neither the Nexus-branded Android phones nor the Motorola Xoom tablet include Carrier IQ, and suggests that the carriers insist on including the software. We haven’t been able to verify this, but if you have any more information, feel free to tip us off.

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: