Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Secret Data and Keystroke-Logging Software Revealed on Millions of Smartphones
#1
Secret Data and Keystroke-Logging Software Revealed on Millions of Smartphones

  • Posted on November 30, 2011 at 12:42pm by [Image: elizabeth-klimas.thumbnail.jpg] Liz Klimas
Most of us don't know exactly what software is installed on our phones when we purchase them. All that seems to matter is that it works. But when Android developer Trevor Eckhart found software installed on many popular mobile devices that logs every single one of your keystrokes phone numbers dialed, text messages, encrypted web searches, etc. people started to listen.
Last week, Wired reported that Eckhart had found a program called Carrier IQ installed rather secretly on smartphones; its a program that can track almost anything happening on your mobile phone. Carrier IQ threatened Eckhart, who had posted research and manuals on his website, saying he was in breach of copyright law and could face financial charges. But Eckhart didn't back down.
In fact, Eckhart has released a new video and research showing Carrier IQ at work on a phone, according to Wired. The company's website says the program is used to give "manufacturer's unprecedented insight into their customer's mobile experience." Wired states that Carrier IQ said the software is used to gather "information off the handset to understand the mobile-user experience, where phone calls are dropped, where signal quality is poor, why applications crash and battery life" not logging keystrokes.
But Eckharts demonstration shows otherwise:

Now, as Eckhart notes in the video, his demonstration is shown on an HTC phone but he mentions he's seen such software on other phones like Android, Blackberry, Nokia and more. Eckhart describes the software on his website as a "rootkit" that is "enabling someone continued privileged access to our computers" and is "hidden in nearly every part of our phones."

[Image: Carrier-IQ-Solution.jpg]Here's how Carrier IQ works according to the company website. (Image: Carrier IQ)

Wired and Eckhart are unsure of how this software is covered under a privacy policy.
"If HTC's privacy policy doesn't cover the information collected by Carrier IQ, it's unclear whose privacy policy does," Eckhart wrote on his website. "Carrier IQ has a minimal privacy policy (http://carrieriq.com/company/privacy.htm), but it says, Our products are designed and configured to work within the privacy policies of our end customers[.] So whose policy covers this data Carrier IQ, or the phone manufacturer, or the carrier? Nobody knows for sure."
Eckhart writes, "An application should never be this hard to fully remove for security reasons especially out of contract when it serves no good purpose for the user, and its use should be opt-in ONLY."
Last week, Wired reported that the Electronic Frontier Foundation came to Eckharts rescue when he was threatened with legal action by Carrier IQ:
"I'm mirroring the stuff so other people are able to read this and verify my research," he said. "I'm just a little guy. I'm not doing anything malicious."
The company is demanding Eckhart retract (.pdf) his "rootkit" characterization of the software, which is employed by most major carriers, Eckhart said.
The EFF says Eckhart's posting of the files is protected by fair use under the Copyright Act for criticism, commentary, news reporting and research, and that all of Carrier IQ's claims and demands are "baseless." (.pdf)
[...]
Marcia Hofmann, an EFF senior staff attorney, said the civil rights group has concluded that "Carrier IQ's real goal is to suppress Eckhart's research and prevent others from verifying his findings."
Wired had the opportunity to interview Carrier IQ's marketing manager Andrew Coward who said the company should have control of distributing materials. Coward did acknowledge that if they wanted to look at text messages the probably could, but that wasn't the point of the program, which is designed for metric analysis.
Afterward, Carrier IQ released a message of apology to Eckhart, CNET reported:
"Our action was misguided and we are deeply sorry for any concern or trouble that our letter may have caused Mr. Eckhart," the company said in response to the EFF's letter. "We sincerely appreciate and respect EFF's work on his behalf, and share their commitment to protecting free speech in a rapidly changing technological world."
It did use this apology as another opportunity to say that the company does not use the software to record keystrokes, provide tracking tools, inspect or report content of communications, or provide real-time data to any customer.
Sprint admitted to CNET that it was a Carrier IQ customer but sides with the software company in that it doesn't use the data to spy on customers but to "understand device performance."
http://www.theblaze.com/stories/secret-d...artphones/
"The philosophers have only interpreted the world, in various ways. The point, however, is to change it." Karl Marx

"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.

“I think it would be a good idea” Ghandi, when asked about Western Civilisation.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  What Is America’s Secret Space Shuttle For? Peter Lemkin 0 42,864 12-05-2017, 05:25 PM
Last Post: Peter Lemkin
  The Creation of Synthetic Humans in Secret by Harvard David Guyatt 0 7,148 05-06-2016, 11:34 AM
Last Post: David Guyatt
  Google Glass and Smartphones can decipher your PIN from 10 feet away David Guyatt 0 3,380 26-06-2014, 09:44 AM
Last Post: David Guyatt
  Secret EU Plan for Police to Stop Cars by Remote Deactivation David Guyatt 1 3,840 30-01-2014, 12:02 PM
Last Post: David Guyatt
  Declassified papers show plutonium fall-out from French tests of 60s and 70s was kept secret Magda Hassan 2 3,622 04-07-2013, 05:18 PM
Last Post: David Guyatt
  The new super-duper secret pilotless drone David Guyatt 7 4,781 16-06-2013, 08:04 AM
Last Post: David Guyatt
  Secret UK uranium enrichment plant closed over safety fears Jan Klimkowski 1 2,660 25-01-2013, 06:42 AM
Last Post: Peter Lemkin
  Abraxas and Trapwire: the technology and personnel revealed Ed Jewett 5 7,897 21-08-2012, 02:22 PM
Last Post: Magda Hassan
  Met Police to extract suspects' mobile phone data Danny Jarman 1 2,949 22-05-2012, 05:15 PM
Last Post: Peter Lemkin
  A History of Secret Human Experimentations from ter Bernice Moore 11 9,490 29-04-2012, 05:04 AM
Last Post: Lauren Johnson

Forum Jump:


Users browsing this thread: 1 Guest(s)