"Intelligence agencies keep things secret because they often violate the rule of law or of good behavior." Julian Assange
The Carrier IQ scandal is a gift that just keeps giving: a US FOI report suggests that the FBI is using data captured by the creepy smartphone snooping app. The discovery was made by FOI blog MuckRock, which asked for “manuals, documents or other written guidance used to access or analyze data gathered by programs developed or …
"Intelligence agencies keep things secret because they often violate the rule of law or of good behavior." Julian Assange
Jullian Assange keeps things secret, just because he wasts to, ok.
I mean he could have hosted the whole of the "Collateral Murder" video on his site, but he just didn't think that everyone wanted to see all those bothersome pesky bits that put it into a context that he didn't want people to see...
Uh, yeah. Saki put it best: Sometimes a little inaccuracy saves a ton of explanation.
No married man disagrees with that.
The El Reg blurb states the following:
"The Carrier IQ scandal is a gift that just keeps giving: a US FOI report suggests that the FBI is using data captured by the creepy smartphone snooping app. The discovery was made by FOI blog MuckRock, which asked for “manuals, documents or other written guidance used to access or analyze data gathered by programs developed or …"
Yet in the article the following nuget can be found...
"MuckRock’s conclusion is that it’s likely that the FBI is using data gathered by Carrier IQ in an investigation – unless, of course, it’s Carrier IQ that’s under investigation."
Occam's Razor would suggest that its the latter. That Carrier IQ is under investigation.
I rate this article as a failure because the blurb seems to create a sense of hype that may not really be present. Now watch all of the tin foil hatters jump in and blame the FBI for spying on us.
More likely it's just a brush-off - "current criminal investigation" sounds a lot like "the interests of national security" to me.
Just because there's little information available doesn't bring Occam's Razor into the picture. There's simply not enough information available, i.e. there are a large number of potential investigations that cannot be ruled out as plausible explanations. Invoking Occam's Razor is speculative, not de facto.
I'm inclined to agree with the Cap'n that there is too little information for Occam's Razor to be useful. For my part (and I'm not a tin-foil hatter), I think it it more likely that an Investigative bureau would be using a spying tool than investigating it.
Whatever the truth, it isn't good for Carrier IQ : either they are being investigated or their tool is being used by a government organisation to spy on users. Not very good press for them.
I continue to find your trust in the authorities to be touching, if misguided. I would genuinely love to have any evidence to challenge my opinion that those with jurisdictional power are abusing it, but if it exists, I've yet to see it.
Whilst there is insufficient evidence to suggest what the actual meaning of the FBI's statement is, based on past performance I'd go with the rebuttable presumption that they mean "We are using it for our own purposes".
This particular use of Occam's Razor is somewhat misplaced, the principle of Occam's Razor is that "simpler explanations, all other things being equal, are generally better than more complex explanations".
If you agree in principal with the idea of Occam's Razor then you should also be open to some form of logical reasoning and the evaluation of previous track record to determine which theory is more likely, so while the simplest explanation is that Carrier IQ is under investigation, a more pragmatic analysis of what is happening would seem to imply that the FBI are using the data either for a genuine criminal investigation or for some nefarious purpose.
Given the amount of paranoia and the inward looking mentality of a significant portion of merkin-land, and the constant stream of goebbels like propaganda about the so-called War on Terror, aka ‘amerika under attack’ being used as an excuse to erode civil liberties, such as the Bush’s authorising of NSA warrantless wiretapping, abuse of the patriot act, the National Security Entry/Exit Registration System (NSEERS), the Anti-Terrorism and Effective Death Penalty Act (AEDPA), the Real ID Act, the Military Commissions Act, and the no-fly list, and hand control to vested interests, my money is on the last option.
Anyway, I’ll leave the last words to obama:-
Bob "Snake" Plissken icon please elReg
"...I think it it more likely that an Investigative bureau would be using a spying tool than investigating it."
Maybe they are investigating it to use later as a spying tool...
There has been far too much abuse of power, and far to many citizens are ASSUMED guilty instead of presumed innocent, so turn about is fair play. As far as I am concerned, the feds are engaged in gangster activity and I assume them to be guilty.
Its not that I have blind faith in my government.
It's the simple fact that a certain US Senator has openly raised questions and concerns.
Also if you knew anything about LE Supoenas, you would understand how easily they can acquire the same information through legal means.
There are other facts that support the conclusion that the Feds are most likely investigating them. But again you have to understand the recent US history and post 9-11 laws and powers given to the western governments. Again why participate in an illegal activity when with 5 min of paper work,
You can do the same thing legally.
Sorry to disappoint you, so flame away.
doesn't necessarily mean they aren't using it to monitor traffic. Get the appropriate authorization, kick up the reporting for the tool, and the traffic stream gets reported to the feds. I think the bit which tends to lean against them investigating the company is that if they were, the easiest way would be to submit the allegations, which provide a reasonable basis given the video, then seize the evidence and sort it all out after its been secured.
That sure went quiet real quick...
Exactly my point.
While the evidence is mostly circumstantial - it is building up.
1 sheet of tin foil
1 set of folding instructions to make a nifty hat
Ok AC, you supply the foil then I'll supply the instructions, right here:
I'll take 2 sheets of foil please :-)
You think the FBI isn't monitoring that link, watching for people trying to subvert the national security mandate!?
That this is all just a storm in a teacup?
While CarrierIQ's software does seem to 'see' keypresses and content, it doesn't necessarily follow that it logs them, much less transmits them 'home'.
I have nothing to do with the handset biz, but nothing I've read so far (discounting media hysteria) would constitute 'proof' of actual snooping.
The only thing we can definitely blame CarrierIQ for is sloppy software: if their software does what it says on the tin, then it should have been written to avoid any appearance of privacy invasion.
Current intent might not match future intent. Just because it isn't proven to be currently snooping, it certain has the ability.
The techies might have written the code to help debugging.
The Marketers might say "this is great, we can use it for targeted marketing. S it wasn't the intended purpose, but we wrote in the ability to capture information so we might as well profit from selling it"
Or more sinister. The "authorities" grab ALL the captured data - "its for a paedophile investigation". Next thing you know Joe Bloggs is under investigation for Income Tax avoidance since the data grabbed happened to show his tax return didn't include the savings account he managed from his mobile.
Cynical? Yes. Has history taught us nothing?
but neither is is a minor thing either. The interface provides the ability to do keystroke logging, and from the user standpoint, it can't be removed. The phone itself provides the transmission interface. Regardless of whether or not any government agency is or is not using it legally or otherwise, someone could write a malicious app to steal the data. Since some (many?) people now use cell phones for accessing bank accounts, that gives the bad guy the info to empty your accounts. That's the bit I'm concerned about. I'm not important enough to be investigated by the FBI or the NSA. I'm not even important enough to be targeted by the bad guys, but they aren't above hitting me as a target of opportunity.
That paedophile or tax evader, Joe Bloggs IS breaking the law in both cases.
"Understanding Carrier IQ Technology"
unless, of course, Carrier IQ IS the FBI and their cover has just been blown!
Where does this leave Vodafone's and 3's use of Bluecoat? If the US government is happy to spy on it's own citizens then it's difficult to believe that they wouldn't spy on people abroad.
Mobile operators are required by law to filter access to "adult" websites unless the account holder proves they are over 18 years old and request the filtering to be removed. Vodafone & 3 presumably use Bluecoat to help them comply with this law.
 If O2 is anything to go by, adult sites seem to include websites in the personal beauty sector and clothes retailers which I really can't understand why children shouldn't be allowed to see them.
The only reason why they are required to do so is because they got together and decided to do so. 'Because we say so' is certainly not enough to ignore people's rights under RIPA, DPA and CMA. The government's threat to change the law isn't very convincing either - 'Break the law or we'll force you to do it anyway'...
In addition Orange seem to manage to fitler without involving Bluecoat or other 3rd parties, so Bluecoat's involvement would not appear to be necessary even if you accept that filtering is necessary.
I don't accept this by the way. If you really care about children then DON'T SELL THEM THE HANDSETS TO START WITH - limit sales of handsets and SIMs to adults and get them to choose to put filtering on the connection or not during the sale.
Sooner or later children will either find ways around the filter and manage to access this stuff of those serving porn will find ways around the limits, as TalkTalk recently found out.
There's no law - just an industry wide agreement. From o2's blog:
Q: What do the other UK mobile operators do in this area?
A: All the other UK operators also run content filtering and age verification on their mobile networks, based on the IMCB guidelines. As mentioned above, it’s an industry regulation that’s been agreed by all the main UK networks.
Not that I mind if the FBI or anyone else monitors my smart phone use, knock yourselves out guys.
It does however occur to me that if this is all done by an app on my phone, then it mus be using my data bandwidth, so am I actually paying for them to snoop?
I believe that would break a few laws, as in effect they are stealing from me. Do these apps actually use my bandwidth, or do the providers shoulder the costs?
A spy agency spies on a target and gets the target to provision and pay for the data.
I can imagine some beancounter sitting in his office smiling as he strokes his white hairy pussy...
if they don't cover the costs you will quickly KNOW you are being monitored. And unlike Quality Control, if they are MONITORING you, they'll be opening the firehose to slurp the data.
"Do these apps actually use my bandwidth, or do the providers shoulder the costs"
They might say ( not on the record of course !)
"we have in fact subsidised the entire smartphone 'project', from the begining, just so we could have access to just this kind of data "
So much for Carrier IQ's innocence, and anyone who uses them.
Yep, I'll take THAT smartphone please, the one that DOESN'T have Carrier IQ pre-loaded.
Read the first line as: "So much for Carrier IQ's incontinence, and anyone who uses them".
Actually rather got a chuckle out of that...
I agree with the fact that there is not enough information to leap to any conclusions. But, since a US Senator has requested information from them, you would think he also asked somebody at the FBI if they have any knowledge of the company's usage.
Knowing the schizophrenia of the US government in general and the FBI in particular, I would say they are playing both sides. The investigative arm has an ongoing (if fairly recent) investigation of Carrier IQ and the techie/support/observation peeps are perusing the logs captured by Carrier IQ in other venues.
Let's not count out the rest of the DHS and their alphabet soup of agencies. I would bet good money that the FBI is not the only agency using AND investigating Carrier IQ.
Good thing someone bought me some tinfoil and someone else posted instructions for its use...
This is why I use a dumbphone, and try to keep one computer isolated from the Net.
...and the foil hat around your head?
I just wondered, could you possibly have a slightly more intrusive, size changing advert please? I love my page jumping around all over the place on every reload. Thanks.
AdBlock Pro and NoScript, and those pesky Ads aren't so pesky anymore....
The FBI only wanted the software to only intended be installed on "burn phones" used by the folks who were the target of the blown "Fast and Furious" operation. Ignoring that most burners are likely cheap, feature free units of course.
Don't you remember that they "provided enough technical detail to convince The Register the diagnostics software doesn't represent a privacy threat to handset owners"?
A gift that keeps on giving, because it's a story you keep on sensationalising. Where are you today then? Is it bad or benign?
Because Apple have discontinues support( no user help for you FBI?) for the 10's of millions no doubt installed on the iPhone 4!
Seriously? Some Dude* (I forget exactly who) in Washington made a public query to Carrier IQ asking "Do you breach the Wire Tap Laws?"
I assume** that a competitent and non-compromised FBI would pick up that not so subtle hint and promptly open an inventigation into exactly if Carrier IQ does breach said Law. After all, this is exactly what the FBI is paid to do.
* As well as any number of media and blogging outlets***
** Yes I know, never trust what it says on the tin. For either Carrier IQ or the FBI.
*** Cause Bloggers are not part of the media.
"After all, this is exactly what the FBI is paid to do."
You do know you are referring to an agency that was weaned on the teat of J. Edgar Hoover, no?
Biting the hand that feeds IT © 1998–2017