back to article BUSTED! Secret app on millions of phones logs key taps

An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users. In a YouTube video posted on Monday, Trevor Eckhart showed how software from a Silicon Valley company known as Carrier IQ …

COMMENTS

This topic is closed for new posts.

Page:

    1. Anonymous Coward
      Anonymous Coward

      So what does it do with that keylog?

      Eventually it must either send it to dev/null or it transmit it off the device.

      Somebody has paid good money to put this application on some phones.

      So if it doesn't transmit (at least some of) the keylog eventually (in bursts, as they have already admitted), then why would anyone buy the application?

  1. heystoopid
    Big Brother

    Oh well

    Oh well, shouldn't be too hard to track down where the spy cripplecrapware is hiding, since Android is officially open source copy left software!

    Thus, one should by rights, get the complete source code listing from the phone makers and easily recompile, minus the spy crippleware back door code and turning off the update on the fly cycle too!!!!!!

    As for Pwn2Own in Vancouver, in 2012, this could make for a possible backdoor open hack, to get oneself a nice brand new Smartphone?

    As it stands, Smartphones are truly dumb!

    According to a conspiracy youtube video, Carrier IQ spy crippleware has been deployed to well in excess of 140 million smart phones. Now Gartner said by April 2011, world wide sales of smart phones was 468 million units, a 57% increase on 2010 sales figures, so I would say 140 million claimed on youtube video is a very conservative number, lol!

    But then again, how soon we forget, how easy it was, for the mainland Chinese Central Spy Agency hackers, to break into and compromise Gmail accounts of many US Government Agencies, by the very same back door crafted by the foolish fools at NSA, when it went viral, on June 1st, 2011!

    1. Vic

      > Android is officially open source copy left software!

      No it isn't.

      Most of Android is under the Apache licence, which is *not* copyleft.

      Thus you have no rights whatsoever to get the source code to it.

      Vic.

  2. David Ramsden
    Alert

    Mr. Finch

    I think Mr Finch from Person of Interest had something to do with it.

  3. Anonymous Coward
    Anonymous Coward

    Change the law

    It should be made into law that any back channel communications should be unencrypted and plain text or SSL with the public key made public (So they can be afforded some degree of authentication but not privacy on their spying).

  4. Anonymous Coward
    Anonymous Coward

    It's required by AT&T

    Don't ask how I know. That's confidential

    1. Richard 120

      Don't tell me what to do.

      How do you know?

  5. Zippy the Pinhead
    Mushroom

    Is it truly the Carriers or Homeland Security

    My question.. is it the Carriers or Homeland Security (through the carriers of course) who have asked for this rootkit to be installed? Seems like they would be the primary benefactor even more so than the carriers... capturing of all data including the content of text messages and the details of whats inside an SSL connection.

    1. Anomalous Cowturd
      Thumb Up

      @Zippy

      Exactly what I was thinking...

      Other Opinions Are Available... (TM)

  6. Stewart Knight
    Devil

    I smell

    Ken Mulcair's hand in this.....

    Has anyone checked if the company is owned by News International?

  7. jestersbro
    Big Brother

    Carrier IQ Press Release

    Just found this press release from the offending (offensive?) company in question. Take from it what you will when presented with the evidence from the video in the Reg article. I make no opinion either way.

    http://www.carrieriq.com/Media_Alert_User_Experience_Matters_11_16_11.pdf

  8. oldredlion
    Happy

    Once "secure boot" is in place within mb BIOS we can all breath easily...

    1. M Gale

      Yep..

      ..because CarrierIQ or equivalent spyware will then be embedded so deeply that you can't remove it without failing the "secure" authentication. That's if you're even allowed to run anything except Microsoft Bloatware version 9 (with future versions requiring a new motherboard).

      Who me, cynical?

  9. IGnatius T Foobar
    Big Brother

    Congratulations to Apple

    Congratulations to Apple for doing a much better job at concealing their spyware than the folks who integrated CarrierIQ into these other phones. Apple has not yet been caught!

    1. Anonymous Coward
      Anonymous Coward

      Proof or STFU

      as title

      1. Anonymous Coward
        Gimp

        Choke on it, Metavisor

        http://www.theregister.co.uk/2011/12/01/ios_has_carrier_iq_client/

        1. Anonymous Coward
          Anonymous Coward

          Why? It's hardly concealed is it? The logs are fully visible, no keylogging or any of those shenanigans and YOU CAN TURN IT OFF (sorry caps lock got stuck)

          Beat that for freedom of choice, Android.

  10. tommydokc
    Holmes

    seems to me

    after reading all the posts, that it's just on the Sprint network devices. my ATT Captivate does not contain it, as of yet. has anyone been bothered enough to notice this variable and confirm or deny?

  11. R.Moore

    Look for...

    libiq_client.so and libiq_service.so in /system/lib

    Not on my UK purchased Nexus S

  12. Jamie Kitson

    Question

    The article doesn't seem to say whether this is something that a) comes with Android b) is added by the manufacturer or c) the carrier.

    1. Anonymous Coward
      Anonymous Coward

      Seems to be added by b to a by the order of c.

  13. Anonymous Coward
    Anonymous Coward

    I can't believe this hasn't even made to the top story list.

    Is El Reg trying to bury this like Carrier IQ did?

    1. diodesign (Written by Reg staff) Silver badge

      Re:

      No. How exactly do you bury a story that everyone is reading? (See the 'most read' box on the front page's top right)

      1. Anonymous Coward
        Devil

        How?

        Well you put it on page 2 just like it did now.

        This issue affects mostly US customers and the story is already gone from sight at 8am. Great!

        But I'm sure it's nothing intentional of course, just one of those things.

        Doesn't El Reg have a "Don't do evil" policy?

        1. Richard 12 Silver badge
          Happy

          El Reg has a "Be evil if it's funny" policy.

          Didn't you read the tagline yet?

          1. Anomalous Cowturd
            Pint

            Re: El Reg has a "Be evil if it's funny" policy.

            I nearly sprayed my beer at that.

            Cheers!

  14. Bradley Hardleigh-Hadderchance
    Big Brother

    They're all at it, Jamie

    ---------------------------------------

    Carrier IQ solutions combine device-resident software and server-side business analytics applications to provide actionable intelligence on end-user customer experience, performance and service quality. The embedded device agents are currently shipped on more than 75 million devices across numerous device manufacturers and models. The solutions can be deployed across multiple wireless technologies such as CDMA2000, GSM, UMTS/WCDMA, WiFi, and device types such as feature phones, smart phones, PDAs, data cards.

    ------------------------------------------

    http://www.carrieriq.com/company/careers.htm

    They are also looking for someone with:

    "Experience with PPP/serial logging and sniffing tools like Wireshark"

    Sounds innocent enough.........

  15. NumptyScrub

    It's a multi-platform product

    so it will be spread across multiple platforms.

    http://www.carrieriq.com/overview/mobileservice/index.htm

    It lets carriers data-mine the behaviour of every device it is running on.

    If Sprint have decided to deploy it, you can bet they will be deploying it across all handsets that they sell to the consumer. If CarrierIQ have a set of iPhone libraries for it, then Sprint will also have deployed it on their iPhones. I have yet to find a list of supported platforms on their site yet, though (not that I've actually looked that hard).

    It is not a virus, or malware, it is a commercial product, and the decision to deploy is done by the carrier.

    This is why I buy my phones direct rather than get a subsidised handset; you cannot know what the carrier has or has not installed on your handset for their own purposes. Subsidised handsets are so much of a false economy it is not even funny any more :'(

    1. Anonymous Coward
      Anonymous Coward

      Not so fast...

      Carriers don't touch iPhones, and the firmware comes straight from Apple.

    2. M Gale

      If it spies on my usage..

      If it was installed without my knowledge or consent...

      If it cripples, damages, downgrades or otherwise affects anything I do with the machine...

      ...then it is malware, commercial or not. Just like the Sony rootkit and to some extent, various game DRM mechanisms.

  16. Peter Simpson 1

    In all fairness...

    If the carriers want to be able to plan for and provide appropriate amounts of bandwidth, now and in the future, they need to understand how users use their phones to create a model of current usage.

    Yes, I realize the CIQ app goes much further than this by actually recording content, but perhaps it's merely a case of their thinking that "more info is better"?

    That doesn't excuse the sneaky way the app is installed, or the lack of information from the carriers, and especially not CIQ's hamfisted tactics against the guy who shone the light on their handy little tool, but there's just a slight possibility that we're not dealing with malice here, but only a stunning level of organizational incompetence and/or misunderstanding of how users feel about their personal communications.

    1. AceBitbucket

      Agreed. Never ascribe to malevolence that which is equally well explained by stupidity. I would still like to perform violent acts on the entire company starting with the CEO and working my way down to the poor droid who will be blamed.

    2. Anonymous Coward
      Anonymous Coward

      Fairness?

      Given their tactics, why bother cutting them any slack? Someone says something about their work that they don't like the flavour of, and the response is 'go corporate' and deploy the brass knuckles. And the carriers are suspiciously (guiltily?) quiet. If the world ends up short of one data 'gathering' company because they can't work out that deploying controversial software in a febrile environment is a bad idea, who cares? If they're that dumb, I don't think it's a big loss.

      One thing that's become very clear in the commercial assault on privacy is that trusting businesses and handing them the benefit of the doubt rarely leads to an open and satisfactory explanation. It's far more likely to encourage them to continue stonewalling - and in the UK of course, like as not they'd get government support in doing so.

      When they play fair, maybe we will.

  17. Duffaboy
    Joke

    Is my Nokia 6310i safe then ?

    Go on hack it if you can.. I dare you..

  18. Goober
    Pirate

    REALLY!! ok I see hackers getting the info. But who in their right minds think that the GoVERNMENT

    will not abuse spying on citizens whether by court warrent or just to keep track on anyone who may disagree with them . It has been proven time and time again to be the case and even as far as to spray pathogend to see how modern life...the trains. subways ect can spread pbiological or chemical substances. we have a fundamental right to privacy..And those gready corporations and the DMV who spy on us and sell our private information should be stopped from doing so and fined and the company executives put in jail for 10 years without parole and forced to pay restitution to the coustomers which they made their millions off of .Hackers publish their names, addresses, family members names and locnes numbers and everything they do. Let them see how they like everyone knowing their bussiness...

  19. MisterDan

    Details on CarrierIQ -- a great writeup

    Hello,

    This writeup is terrific:

    http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/

    MisterDan

  20. LordButt©
    Thumb Up

    Check your phone!

    I downloaded Logging Checker By TrevE@XDA and installed it on my DroidX from Verizon. CIQ is NOT installed on my phone, but I found that Google and Dropbox are logging usage stats.

  21. Jean-Luc
    Flame

    2 things...

    #1 my iPhone occasionally complains about the cellular data not being available - I am cheap and did not sign up for a data plan, WIFI suffices, thank you very much.

    Wondering... could it be that something similar is going here, with call-home snooperware trying to connect?

    See.... I consider it quite possible that my shiny has this problem too.

    But...

    #2 far as this article states, _this_ here is not an iPhone issue. Now, from the fanbois on both sides, I can understand "mature" behavior like

    "hah! an Android bug. iPhones are so much better".

    Or

    "heh, heh, silly iTards have problems, Android rocks"

    But, it is surely stretching the stupidity level quite a bit to say something like

    "hah! a problem on Android means iPhones suck".

    Or the reverse

    "iPhone bug => Androids suck".

    Get a f'ing life, folks. a phone is a phone is a phone. This is a programmer forum, can't do any better than "my shiny is better than your shiny"?

    Sorry if I offended any 'tards by the above. It was fully intentional.

    1. strongy

      this is actually your iPhone checking for email etc but because wifi goes to sleep it uses 3G hence the message.

      source: the o2 website.

      solution: turn off 3G when your not using it or disable push email.

      1. Jean-Luc

        Hmmm... I don't think so

        My phone is configured to fetch mail every 15 minutes and this "cellular data not available" message doesn't appear with any regularity. Certainly not every 15 minutes. It also tends to appear as I am using the phone, not when it is idle.

        And, yes, I have turned 3G off in settings - this message annoys me, so I tried my best to get rid of it. I could try to turn off push email for a while, see if that makes a difference.

  22. DMGregory
    Boffin

    Inconclusive

    While Mr. Eckhart's investigation is an important beginning to the conversation, it does not prove quite what it might seem to from this article.

    The Register's article claims that Eckhart was using a "packet sniffer" to read what Carrier IQ's software was logging/sending, but that's not true.

    He was using a USB debugger to view the EVENTS that Carrier IQ's software was receiving/processing from the OS.

    What's been shown thus far is only that Carrier IQ's software has ACCESS to this personal information. It has NOT been shown that:

    + personal information is stored

    + personal information is transmitted to an outside party

    + personal information is used in any way

    So far, Carrier IQ's statements about their software *may* still be true, if they are appropriately censoring personal data provided to their application through these events. Until we see what the application actually stores/sends, we won't know for sure.

    That being said, I'm relieved that it's not on my phone, and I look forward to further investigation.

  23. The Alpha Klutz

    this is why I don't have a smartphone.

    Once you know the truth, that smartphones are designed to sap and impurify your precious bodily fluids, you just can't submit to having one. It's the secret policeman in your pocket. It only takes a room temperature IQ to figure out that they're using it to spy on you, I mean, duh. How obvious does it have to get?

  24. Saoir

    Thank GOODNESS for Apple's so called 'walled garden' !!!!!!! Thank you Apple !!

  25. Mike VandeVelde
    Devil

    Is it... legal?

    I WILL MAKE IT LEGAL

  26. All names Taken

    Ah well, ... looks like I am stuck with the iPhone?

  27. Anonymous Coward
    Anonymous Coward

    Only one thing left to say

    BuHahahahahahahahahahahaaa!

  28. Mr_Pitiful
    Stop

    I doubt this effects....

    my nokia 3110. so I won't worry about it

    Is it time to dust off my 486dx2-66 running windows 3.11 & nuke the site from orbit?

    It's the only way to be sure!

  29. Anonymous Coward
    Anonymous Coward

    Carrier IQ needs to go now.

  30. Wile E. Veteran
    Meh

    Where is the independent confirmation?

    Everyone on this thread is in a panic because of ONE video. Where is the independent confirmation by unrelated researchers? If someone has an ax to grind, they can easily produce a video and watch all the sheep go off on a tilt based on it. It does not matter if it is factual or not, as long as it is plausible and looks good on video, huge numbers of people will believe it.

    It may well be correct, but until I see multiple instances of totally independent confirmation, I will remain skeptical of the conclusion Carrier IQ is actually logging all my keystrokes and net activity.

    If it IS independently confirmed, I will happily join a class action suit aimed at putting everyone involved in this monster invasion of privacy out of business and behind bars.

  31. Anonymous Coward
    Black Helicopters

    Broadband usage

    Who pays for the transmission of data? Could this be classed as theft for using your broadband without your permission?http://www.theregister.co.uk/Design/graphics/icons/comment/black_helicopters_32.png

Page:

This topic is closed for new posts.

Other stories you might like