Feeds

back to article BUSTED! Secret app on millions of phones logs key taps

An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users. In a YouTube video posted on Monday, Trevor Eckhart showed how software from a Silicon Valley company known as Carrier IQ …

COMMENTS

This topic is closed for new posts.

Page:

FAIL

What's the big deal?

It's key logging - locally, not transmitting - the key logging is needed for the app to do what it's designed to do. Blame the carriers, not the device makers nor Google.

1
2
Anonymous Coward

So what does it do with that keylog?

Eventually it must either send it to dev/null or it transmit it off the device.

Somebody has paid good money to put this application on some phones.

So if it doesn't transmit (at least some of) the keylog eventually (in bursts, as they have already admitted), then why would anyone buy the application?

0
0
Big Brother

Oh well

Oh well, shouldn't be too hard to track down where the spy cripplecrapware is hiding, since Android is officially open source copy left software!

Thus, one should by rights, get the complete source code listing from the phone makers and easily recompile, minus the spy crippleware back door code and turning off the update on the fly cycle too!!!!!!

As for Pwn2Own in Vancouver, in 2012, this could make for a possible backdoor open hack, to get oneself a nice brand new Smartphone?

As it stands, Smartphones are truly dumb!

According to a conspiracy youtube video, Carrier IQ spy crippleware has been deployed to well in excess of 140 million smart phones. Now Gartner said by April 2011, world wide sales of smart phones was 468 million units, a 57% increase on 2010 sales figures, so I would say 140 million claimed on youtube video is a very conservative number, lol!

But then again, how soon we forget, how easy it was, for the mainland Chinese Central Spy Agency hackers, to break into and compromise Gmail accounts of many US Government Agencies, by the very same back door crafted by the foolish fools at NSA, when it went viral, on June 1st, 2011!

0
0
Vic
Silver badge

> Android is officially open source copy left software!

No it isn't.

Most of Android is under the Apache licence, which is *not* copyleft.

Thus you have no rights whatsoever to get the source code to it.

Vic.

0
0
Alert

Mr. Finch

I think Mr Finch from Person of Interest had something to do with it.

0
0
Anonymous Coward

Change the law

It should be made into law that any back channel communications should be unencrypted and plain text or SSL with the public key made public (So they can be afforded some degree of authentication but not privacy on their spying).

0
0
Anonymous Coward

It's required by AT&T

Don't ask how I know. That's confidential

0
0

Don't tell me what to do.

How do you know?

2
0
Mushroom

Is it truly the Carriers or Homeland Security

My question.. is it the Carriers or Homeland Security (through the carriers of course) who have asked for this rootkit to be installed? Seems like they would be the primary benefactor even more so than the carriers... capturing of all data including the content of text messages and the details of whats inside an SSL connection.

2
0
Silver badge
Thumb Up

@Zippy

Exactly what I was thinking...

Other Opinions Are Available... (TM)

0
0
Devil

I smell

Ken Mulcair's hand in this.....

Has anyone checked if the company is owned by News International?

0
0
Big Brother

Carrier IQ Press Release

Just found this press release from the offending (offensive?) company in question. Take from it what you will when presented with the evidence from the video in the Reg article. I make no opinion either way.

http://www.carrieriq.com/Media_Alert_User_Experience_Matters_11_16_11.pdf

0
0
Happy

Once "secure boot" is in place within mb BIOS we can all breath easily...

0
1
Silver badge

Yep..

..because CarrierIQ or equivalent spyware will then be embedded so deeply that you can't remove it without failing the "secure" authentication. That's if you're even allowed to run anything except Microsoft Bloatware version 9 (with future versions requiring a new motherboard).

Who me, cynical?

0
0
Big Brother

Congratulations to Apple

Congratulations to Apple for doing a much better job at concealing their spyware than the folks who integrated CarrierIQ into these other phones. Apple has not yet been caught!

0
1
Anonymous Coward

Proof or STFU

as title

0
0
Gimp

Choke on it, Metavisor

http://www.theregister.co.uk/2011/12/01/ios_has_carrier_iq_client/

0
1
Anonymous Coward

Why? It's hardly concealed is it? The logs are fully visible, no keylogging or any of those shenanigans and YOU CAN TURN IT OFF (sorry caps lock got stuck)

Beat that for freedom of choice, Android.

1
0
Holmes

seems to me

after reading all the posts, that it's just on the Sprint network devices. my ATT Captivate does not contain it, as of yet. has anyone been bothered enough to notice this variable and confirm or deny?

0
0

Question

The article doesn't seem to say whether this is something that a) comes with Android b) is added by the manufacturer or c) the carrier.

0
0
Anonymous Coward

Seems to be added by b to a by the order of c.

0
0

Look for...

libiq_client.so and libiq_service.so in /system/lib

Not on my UK purchased Nexus S

0
0
Anonymous Coward

I can't believe this hasn't even made to the top story list.

Is El Reg trying to bury this like Carrier IQ did?

0
1
(Written by Reg staff) Silver badge

Re:

No. How exactly do you bury a story that everyone is reading? (See the 'most read' box on the front page's top right)

2
0
Devil

How?

Well you put it on page 2 just like it did now.

This issue affects mostly US customers and the story is already gone from sight at 8am. Great!

But I'm sure it's nothing intentional of course, just one of those things.

Doesn't El Reg have a "Don't do evil" policy?

0
1
Silver badge
Happy

El Reg has a "Be evil if it's funny" policy.

Didn't you read the tagline yet?

3
0
Silver badge
Pint

Re: El Reg has a "Be evil if it's funny" policy.

I nearly sprayed my beer at that.

Cheers!

0
0
Big Brother

They're all at it, Jamie

---------------------------------------

Carrier IQ solutions combine device-resident software and server-side business analytics applications to provide actionable intelligence on end-user customer experience, performance and service quality. The embedded device agents are currently shipped on more than 75 million devices across numerous device manufacturers and models. The solutions can be deployed across multiple wireless technologies such as CDMA2000, GSM, UMTS/WCDMA, WiFi, and device types such as feature phones, smart phones, PDAs, data cards.

------------------------------------------

http://www.carrieriq.com/company/careers.htm

They are also looking for someone with:

"Experience with PPP/serial logging and sniffing tools like Wireshark"

Sounds innocent enough.........

3
0
Silver badge

It's a multi-platform product

so it will be spread across multiple platforms.

http://www.carrieriq.com/overview/mobileservice/index.htm

It lets carriers data-mine the behaviour of every device it is running on.

If Sprint have decided to deploy it, you can bet they will be deploying it across all handsets that they sell to the consumer. If CarrierIQ have a set of iPhone libraries for it, then Sprint will also have deployed it on their iPhones. I have yet to find a list of supported platforms on their site yet, though (not that I've actually looked that hard).

It is not a virus, or malware, it is a commercial product, and the decision to deploy is done by the carrier.

This is why I buy my phones direct rather than get a subsidised handset; you cannot know what the carrier has or has not installed on your handset for their own purposes. Subsidised handsets are so much of a false economy it is not even funny any more :'(

1
1
Anonymous Coward

Not so fast...

Carriers don't touch iPhones, and the firmware comes straight from Apple.

0
0
Silver badge

If it spies on my usage..

If it was installed without my knowledge or consent...

If it cripples, damages, downgrades or otherwise affects anything I do with the machine...

...then it is malware, commercial or not. Just like the Sony rootkit and to some extent, various game DRM mechanisms.

1
0
Silver badge

In all fairness...

If the carriers want to be able to plan for and provide appropriate amounts of bandwidth, now and in the future, they need to understand how users use their phones to create a model of current usage.

Yes, I realize the CIQ app goes much further than this by actually recording content, but perhaps it's merely a case of their thinking that "more info is better"?

That doesn't excuse the sneaky way the app is installed, or the lack of information from the carriers, and especially not CIQ's hamfisted tactics against the guy who shone the light on their handy little tool, but there's just a slight possibility that we're not dealing with malice here, but only a stunning level of organizational incompetence and/or misunderstanding of how users feel about their personal communications.

1
4

Agreed. Never ascribe to malevolence that which is equally well explained by stupidity. I would still like to perform violent acts on the entire company starting with the CEO and working my way down to the poor droid who will be blamed.

1
0
Anonymous Coward

Fairness?

Given their tactics, why bother cutting them any slack? Someone says something about their work that they don't like the flavour of, and the response is 'go corporate' and deploy the brass knuckles. And the carriers are suspiciously (guiltily?) quiet. If the world ends up short of one data 'gathering' company because they can't work out that deploying controversial software in a febrile environment is a bad idea, who cares? If they're that dumb, I don't think it's a big loss.

One thing that's become very clear in the commercial assault on privacy is that trusting businesses and handing them the benefit of the doubt rarely leads to an open and satisfactory explanation. It's far more likely to encourage them to continue stonewalling - and in the UK of course, like as not they'd get government support in doing so.

When they play fair, maybe we will.

0
0
Joke

Is my Nokia 6310i safe then ?

Go on hack it if you can.. I dare you..

1
0
Pirate

REALLY!! ok I see hackers getting the info. But who in their right minds think that the GoVERNMENT

will not abuse spying on citizens whether by court warrent or just to keep track on anyone who may disagree with them . It has been proven time and time again to be the case and even as far as to spray pathogend to see how modern life...the trains. subways ect can spread pbiological or chemical substances. we have a fundamental right to privacy..And those gready corporations and the DMV who spy on us and sell our private information should be stopped from doing so and fined and the company executives put in jail for 10 years without parole and forced to pay restitution to the coustomers which they made their millions off of .Hackers publish their names, addresses, family members names and locnes numbers and everything they do. Let them see how they like everyone knowing their bussiness...

1
1

Details on CarrierIQ -- a great writeup

Hello,

This writeup is terrific:

http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/

MisterDan

0
0
Thumb Up

Check your phone!

I downloaded Logging Checker By TrevE@XDA and installed it on my DroidX from Verizon. CIQ is NOT installed on my phone, but I found that Google and Dropbox are logging usage stats.

0
0

This post has been deleted by a moderator

Bronze badge
Flame

2 things...

#1 my iPhone occasionally complains about the cellular data not being available - I am cheap and did not sign up for a data plan, WIFI suffices, thank you very much.

Wondering... could it be that something similar is going here, with call-home snooperware trying to connect?

See.... I consider it quite possible that my shiny has this problem too.

But...

#2 far as this article states, _this_ here is not an iPhone issue. Now, from the fanbois on both sides, I can understand "mature" behavior like

"hah! an Android bug. iPhones are so much better".

Or

"heh, heh, silly iTards have problems, Android rocks"

But, it is surely stretching the stupidity level quite a bit to say something like

"hah! a problem on Android means iPhones suck".

Or the reverse

"iPhone bug => Androids suck".

Get a f'ing life, folks. a phone is a phone is a phone. This is a programmer forum, can't do any better than "my shiny is better than your shiny"?

Sorry if I offended any 'tards by the above. It was fully intentional.

1
0

this is actually your iPhone checking for email etc but because wifi goes to sleep it uses 3G hence the message.

source: the o2 website.

solution: turn off 3G when your not using it or disable push email.

0
1
Bronze badge

Hmmm... I don't think so

My phone is configured to fetch mail every 15 minutes and this "cellular data not available" message doesn't appear with any regularity. Certainly not every 15 minutes. It also tends to appear as I am using the phone, not when it is idle.

And, yes, I have turned 3G off in settings - this message annoys me, so I tried my best to get rid of it. I could try to turn off push email for a while, see if that makes a difference.

0
0
Boffin

Inconclusive

While Mr. Eckhart's investigation is an important beginning to the conversation, it does not prove quite what it might seem to from this article.

The Register's article claims that Eckhart was using a "packet sniffer" to read what Carrier IQ's software was logging/sending, but that's not true.

He was using a USB debugger to view the EVENTS that Carrier IQ's software was receiving/processing from the OS.

What's been shown thus far is only that Carrier IQ's software has ACCESS to this personal information. It has NOT been shown that:

+ personal information is stored

+ personal information is transmitted to an outside party

+ personal information is used in any way

So far, Carrier IQ's statements about their software *may* still be true, if they are appropriately censoring personal data provided to their application through these events. Until we see what the application actually stores/sends, we won't know for sure.

That being said, I'm relieved that it's not on my phone, and I look forward to further investigation.

3
2

this is why I don't have a smartphone.

Once you know the truth, that smartphones are designed to sap and impurify your precious bodily fluids, you just can't submit to having one. It's the secret policeman in your pocket. It only takes a room temperature IQ to figure out that they're using it to spy on you, I mean, duh. How obvious does it have to get?

0
0

Thank GOODNESS for Apple's so called 'walled garden' !!!!!!! Thank you Apple !!

0
0
Devil

Is it... legal?

I WILL MAKE IT LEGAL

0
0
Bronze badge

Ah well, ... looks like I am stuck with the iPhone?

0
0
Anonymous Coward

Only one thing left to say

BuHahahahahahahahahahahaaa!

0
0
Stop

I doubt this effects....

my nokia 3110. so I won't worry about it

Is it time to dust off my 486dx2-66 running windows 3.11 & nuke the site from orbit?

It's the only way to be sure!

0
0
Anonymous Coward

Carrier IQ needs to go now.

1
1

Page:

This topic is closed for new posts.