Carrier IQ: The Sony rootkit all over again

Can someone legally record almost everything you do on your phone without telling you? Yes. Meet Carrier IQ, whose software is installed on nearly 142 million handsets

It turns out your phone may be spying on you even more than you thought.

Android developer Trevor Eckhart was tooling around with his HTC smartphone a few weeks ago when he discovered an unfamiliar app on it from a company called Carrier IQ.

That bit of code appeared to be capturing everything his phone did -- all numbers dialed, text entered, websites visited, buttons pressed, and so on, even while he was only using Wi-Fi -- and phoning home with that data.

The software was running in secret, not listed among his other running Android apps, and Eckhart could not force it to quit. In short, it was acting just like a rootkit used to hide malware.

http://www.infoworld.com/t/cringely/carrier-iq-spying-your-cellphone-180425

Where is all this data being routed?

CarrierIQ analyses the data and provides data and/or analyses to the carriers.

But it is possible that one or more of the carriers, e.g. Verizon, AT&T, Sprint or T-Mobile, would run servers and collect the data directly.

Note that the carriers have a lot of data already, since they can read all the signaling messages and all the data and voice traffic. What they wouldn't have is information about failed attempts to use apps, and data that was encrypted by SSL between the handset and a web site.

can be taken care of the old fashioned way where a trace is run, data collected and the user is asked if they would like to submit a report.

The SSL recording is not kosher though as it intentionally circumvents the very reason for using that protocol. I can see them claiming that they need data on why a phone locked up after going to a web page with a bad java script or flash widget, but CIQs method is just wrong.

Some techies are "packet sniffing" as it is called to see where it goes.

CIQ states on their websites that they collect the data although some Carriers probably collect data as well.

Per CIQ pres, yes they can.

to enforce message limit contracts.

Devils advocate only. Very very flimsy excuse for why they tried to hide the the software and what it did or why they created it to run as a rootkit.

Just read the article, good find. I'm amazed this isn't getting more responses.

Unlike the sexy, sexy Apple non-story about how women's health clinics aren't called "abortion clinics."

but easier to dismiss it than examine what people were noticing.

:kick:

We'll get there. Bit by bit, you won't even recognize. And then, BAM! :tinfoilhat: