Search The iOS Post

Email Us: info@theiOSpost.com

 Keep updated by following The iOS Post in the different Social Networks   

Powered by Squarespace
« EA Releases a Re-imagined Tetris for the iPhone | Main | Apple's Grand Central Terminal Store in NYC Opening December 9 »
Friday
Dec022011

Carrier IQ, What is it? Where is it? What Can You Do About It?

You might have seen this term been written in many tech sites lately. Carrier IQ is a piece of software that has been found in many handsets. A video turn viral when security researcher Trevor Eckhart released a video detailing what it is and more disturbing, what it can do. 

Carrier IQ software is wildly used on mobile devices (deployed in over 141 million devices) to help companies track the usage of the mobile handsets to see where they are doing well and where they aren't. It collects data from the performance of the mobile handsets, but as we can see in Trevor's video it does a little bit more. 

The video shows how it can track almost anything you do, from SMS texts to pressing keys and more. This is a direct violation of privacy policies as there is no way to turn it off. The "app" is shown running on the background, pre-installed with no way of disabling it.

The Company explanation

Who has it?

Latest Android handsets like HTC, RIM BlackBerries (although they deny it), Nokia (although they deny it) and iOS devices. 

Although RIM and Nokia deny it, they express that they do not allow carriers to insert the code. So if its there, then somebody is putting it there. 

HTC:

HTC, like most manufacturers, has an opt-in error reporting function built in to our devices. If your phone experiences an error, you have the option of 'Telling HTC' so we can make improvements to our phones. Details about this are in our privacy policy on each device and in order for data to be collected, you have to opt-in. If you do opt-in, we protect your privacy by de-identifying and encrypting the data. HTC is committed to protecting your privacy and that means a commitment to clear opt-in/opt-out as the standard for collecting any information we need to serve you better.

Later HTC continued:

Carrier IQ is required on devices by a number of U.S carriers so if consumers or media have any questions about the practices relating to, or data collected by, Carrier IQ we'd advise them to contact their carrier.

It is important to note that HTC is not a customer or partner of Carrier IQ and does not receive data from the application, the company, or carriers that partner with Carrier IQ. HTC is investigating the option to allow consumers to opt-out of data collection by the Carrier IQ application.

Apple issued a statement shortly after iPhone Dev Team member Chpwn stated that Carrier IQ is found on iOS 5.

We stopped supporting CarrierIQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.

If you have an Apple device running iOS 5 you can disable it, even though is not doing anything according to Apple by going to Settings >About > Diagnostics & Usage and mark "Don't Send".

What about the carriers?

Verizon said they are not putting Carrier IQ on the devices they are carrying. Meanwhile AT&T, Sprint and T-Mobile had this to say.

AT&T:

In-line with our privacy policy, we solely use CIQ software data to improve wireless network and service performance.

Sprint:

We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc., using this tool," she said via email.

The information collected is not sold and we don't provide a direct feed of this data to anyone outside of Sprint.

T-mobile:

T-Mobile utilizes the Carrier IQ diagnostic tool to troubleshoot device and network performance with the goal of enhancing network reliability and our customers’  experience . T-Mobile does not use this diagnostic tool to obtain the content of text, email or voice messages, or the specific destinations of a customers’ internet activity, nor is the tool used for marketing purposes.

Carrier IQ issued a statement saying that they are in compliance.

We measure and summarize performance of the device to assist Operators in delivering better service.

A security expert from Infidel Inc does not agree with the findings Eckhart recorded. 

Having examined the Carrier IQ implementation it is my opinion that allegations of keystroke collection or other surveillance of mobile device user’s content are erroneous, Rebecca Bace of Infidel Inc.

Judge by yourself. One of the biggest problems here is that there is no  opt-out option so the customer knows that this tool is on the phone and that you can deny the use of it. Do you really think we are being spied? this year we have seen many complaints regarding privacy on mobile devices and it really is a frightening matter.

Sources: Engadget, Bussiness Insider (1, 2), Computer World

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (1)

References allow you to track sources for this article, as well as articles that were written in response to this article.
  • Response
    [...]The iOS Post - All Things iOS and the Apple World - The iOS Post - Carrier IQ, What is it? Where is it? What Can You Do About It?[...]

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>