Carrier IQ Collects Everything on Android Phones [Update]

[Update: Nokia issued a statement to The Mac Observer denying that it uses CarrierIQ in any of its products. That statement: “Nokia does not put CarrierIQ on any products. In fact, CarrierIQ does not ship software for any Nokia models (running on Symbian or otherwise).” Research In Motion has similarly denied the use of CarrierIQ. The story has been updated to reflect this. - Editor]

A piece of software called Carrier IQ has apparently been installed on more than 141 million phones from Samsung and HTC. While the same is true of a lot of software, CarrierIQ is loaded without the permission of users, always runs, doesn’t show up in the list of running apps on those devices, and—this is the zinger—logs everything that those users do on their devices, including the contents of text messages, searches, and even phone numbers dialed.

Your HTC Smartphone is Watching You

Carrier IQ is a third party company that offers metric information to carriers and handset makers. In other words, this is not a part of Android OS, or even BlackBerry OS, but is a third party application installed on these devices by carriers and/or handset makers.

A young man named Trevor Eckhart first exposed Carrier IQ earlier in November, and he was promptly sued by the company. The Electronic Freedom Foundation came to his aid, however, and the suit was dropped.

One of his accusations is that the software logs every button push and keystroke users make on their devices, an accusation that Carrier IQ denied. In a statement released on November 16th, the company said:

While we look at many aspects of a device’s performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools. The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools.

On November 28th, Mr. Eckhart posted a follow-up video (below) that shows quite clearly that this information is being collected, though there’s no proof that all of that data is then shipped to Carrier IQ’s servers. On the other hand, there’s no proof that it isn’t, and the entire point of the application is to collect and send data to those servers, so it’s not a great stretch to believe that every text, every search, every button, and any and every other tap you make on your Samsung and HTC Android devices is being logged and sent to Carrier IQ and then shared with whichever company paid to have the app there in the first place.

Trevor Eckhart’s Carrier IQ Video

As you can see in the video, Carrier IQ’s claim that the company is not, “recording keystrokes or providing tracking tools” is completely false.

So far this software has not been found on any Windows Phone 7 devices, and it hasn’t been found on every Android device.

Another place it isn’t being found is on the iPhone. While Android lovers often chafe at Apple’s walled garden, the reality is that this is one aspect of smartphone ownership that iPhone users don’t have to worry about. Apple doesn’t allow carriers to install their own software onto iPhones, and Apple is its own hardware maker.

Which is why a site like ExtremeTech was led to say in its own coverage of Carrier IQ:

Apple products are another possibility. Normally we’d shy away from suggesting that Android users consider jumping ship, given that many Android users cite Apple’s closed software model as a reason for avoiding their products. In this case, however, the Android handset manufacturers have committed a colossal breach of trust, to the point of undermining the very openness that supposedly underpins Android in the first place. It is, at least, an option.

The backlash against Carrier IQ is, so far, significant, at least in geek circles. Forbes went so far as to report that this software might represent a violation of federal anti-wiretapping laws. Considering the fervor that the much less invasive location data practices of Apple’s iOS and Google’s Android systems elicited from the U.S. Senate earlier this year, similar hearings on this software are all but a foregone conclusion.

It would be easy for iPhone (and possibly Windows Phone) users to gloat and assume that this will result in the collapse of the Android empire, but we’d like to remind our readers that Carrier IQ isn’t a part of Android, it’s a consequence of the open nature of the operating system.

If there is enough of a backlash over its use, it’s Carrier IQ itself that will face the biggest pushback, not the platform. While device owners could (and should) be given control over its presence and/or use on these smartphones, we don’t see many Android users pitching their devices and buying iPhones over this.

Comments

MacFrogger

Disgusting.

This company should be - and will be - driven out of business by a class-action lawsuit or two.  And they deserve it!!

davros_62

“It would be easy for iPhone (and possibly Windows Phone) users to gloat and assume that this will result in the collapse of the Android empire, but we’d like to remind our readers that Carrier IQ isn’t a part of Android, it’s a consequence of the open nature of the operating system.”

Well not really, even the most closed OS isn’t much help if the company supplying the hardware and the carrier collude to install hidden software.

The converse is that it is the open nature of Android (which displays all running processes in a way that users can actually see them) that allowed it to be detected.

Frankly, we have no way of knowing what is running on an iPhone or WP7 phone and whether either Apple or MS do anything similar in collusion with carriers.

Luke

@davros_62 couldn’t have said it better myself.

If Apple was found to be doing this at the firmware level we would could call it a consequence of their closed nature and it would be an equally stupid statement.

Bryan Chaffin

The converse is that it is the open nature of Android (which displays all running processes in a way that users can actually see them) that allowed it to be detected.

Please note that this app is hidden from the list of running apps, as noted in the article (and in Mr. Eckhart’s video).

Frankly, we have no way of knowing what is running on an iPhone or WP7 phone and whether either Apple or MS do anything similar in collusion with carriers.

It’s not possible for me, and perhaps not you, but there are plenty of folks who can figure this sort of thing out on all the mobile platforms.

Bryan Chaffin

If Apple was found to be doing this at the firmware level we would could call it a consequence of their closed nature and it would be an equally stupid statement.

And yet Apple hasn’t been found to do this.  Furthermore, if Apple did do something like this, we’d have one and precisely one company to blame, Apple. With Carrier IQ, we have to point fingers in many different directions, and no one entity is ultimately responsible. Choose your poison, but I’ll personally take the walled garden on my phone.

My original point stands: An openly licensed and openly released mobile OS leaves many and more opportunities for these kinds of shenanigans.

Nemo

Yes, Carrier IQ’s presence on Nokia and Blackberry phones is probably the result of RIM and Nokia’s either collusion or acquiescence, but its presence on Android phones is the result of Google’s quasi-proprietary licensing of Android.  To begin with, Android isn’t open.  Those who say that are simply ignorant of Google’s license for Android.  While anyone can use the basic Android code, if a person declines to use Google’s services, which are the means for Google to do advertising and/or collect valuable data on users, then they can’t use the Android trademarks, can’t use the Android’s MarketPlace for apps, don’t get the latest updates to Android, and are denied the proprietary parts of the Android stack, which are necessary to make a smart device.  So Google retains the proprietary control of Android that it believes would preserve its revenue stream from third-party Android devices.  And there are only two prominent instances where Google has been wrong.  Google has been disastrously wrong in China, where both carrier and/or OEMs have forked Android and, thus, told Google to take its proprietary aspects of Android and stuff it, and Google miscalculated with Amazon, which has also forked Android in its Kindle Fire.  But unlike Apple’s iOS and Microsoft’s Windows Phone 7, which are fully proprietary, Google pretty much lets carriers and others do what they want with Android, as long as they honor the provisions of Android’s license that require use of Android’s revenue generating Google services and that foster and protect Google’s revenues from Android.

And that is where Android opens the door to Carrier IQ, because with Android’s license, both carriers and/or OEMs are free to install whatever software they want, pretty much wherever they want, and however they want into Android, with very little restriction.  That can’t happen with Apple, RIM, or Microsoft without their collusion, so we know who to blame if Carrier IQ appears on their respective phones and/or other devices.  (I am not sure about the licensing for the several OSes that Nokia was using prior to its adoption of Windows Phone 7.) 

And though the ordinary user probably can’t discover what is running at a low level on his iOS, Windows Phone 7, Nokia, or RIM devices, there are plenty of researchers who do have the expertise to discover whether Carrier IQ is running on those devices, and they will soon report whether Carrier IQ is present on Apple’s iOS or Windows Phone 7 devices.  And if Carrier IQ is on Apple or Microsoft’s devices, we know who to blame and who will have to answer.  With Android, Google simply feigns innocence, while it benefits from giving the carriers or someone precisely what they want, a mobile OS, Android, which allows them to monitor an Android user’s every significant use of their Android phones.

When it comes to the parties, other than the company Carrier IQ, who are the accessories and the primary malefactors behind Carrier IQ, my money is on the carriers.  But Google is an enabler of Carrier IQ, and one which foreseeably benefits from its enabling of Carrier IQ.  Whether Google was aware of, actually received direct consideration from Carrier IQ, and/or marketed Carrier IQ as a feature or benefit for carriers remains to be seen.

ibuck

Post deleted due to Nemo’s prior post.

Bosco (Brad Hutchings)

And it’s been found on iOS, including iOS 5. I didn’t read Nemo’s post, but I bet he has to retract 58% of the words in it now. Word.

Nemo

Dear Bosco:  Here is an update to the story that you cited, supra:

Update: chpwn notes that initial research indicated that Carrier IQ’s software may only be active when the iPhone is in diagnostic mode. In a blog post, chpwn confirms that, based on his initial testing, Apple has added some form of Carrier IQ software to all versions of iOS, including iOS 5. However, the good news is that it does not appear to actually send any information so long as a setting called DiagnosticsAllowed is set to off, which is the default. Finally, the local logs on iOS seem to store much less information than what has been seen on Android, limited to some call activity and location (if enabled), but not any text from the web browser, SMS, or anywhere else. We’ll let you know when more details arise.

So it seems that, while there are references to Carrier IQ in iOS, the program is not active in iOS, except in diagnostic mode, and in any event, it does not send any information to any server anywhere, as long as DiagnosticsAllowed is set to off, which is the default setting.  Also and in addition to not sending any information anywhere, the information that Carrier IQ does collect on the iPhone is much limited, or as reported in the quote, supra:  “Finally, the local logs on iOS seem to store much less information than what has been seen on Android, limited to some call activity and location (if enabled), but not any text from the web browser, SMS, or anywhere else.”

So Carrier IQ on the iPhone does not monitor and/or collect anything other than some limited call activity, which it can not, based on default settings, transmit to anyone anywhere; while on Android phones, Carrier IQ monitors every significant thing that you do on an Android phone, collects that information, and seems to send that information to Carrier IQ’s servers.

Bosco, I can forgive you for not reading my post, but you should at least read the full text of the story that you cite as authority for your position.

Tony H

Well Bosco, if you follow the updates on iOS and Carrier IQ, you’ll know it’s not the same as the Android implementation. It’s enabled only when the phone is in diagnostic mode and captures far less info than its Android counterparts. So just saying it’s on iOS is only part of the word. Read what info Verizon captures and sells on Android devices and compare to iOS. Apples and Oranges.

Ben

According to the company’s spokesman, Nokia does not have Carrier IQ on any of their phones.

Adrian

Are you sure IOS doesn’t have it?

Lee Dronick

Are you sure IOS doesn’t have it?

Objection! Asked and answered.

So it seems that, while there are references to Carrier IQ in iOS, the program is not active in iOS, except in diagnostic mode, and in any event, it does not send any information to any server anywhere, as long as DiagnosticsAllowed is set to off, which is the default setting.  Also and in addition to not sending any information anywhere, the information that Carrier IQ does collect on the iPhone is much limited, or as reported in the quote, supra:  “Finally, the local logs on iOS seem to store much less information than what has been seen on Android, limited to some call activity and location (if enabled), but not any text from the web browser, SMS, or anywhere else.”

Lee Dronick

Oy

From Ars Technica: “Researchers at North Carolina State University have uncovered a variety of vulnerabilities in the standard configurations of popular Android smartphones from Motorola, HTC, and Samsung, finding that they don’t properly protect privileged permissions from untrusted applications. In a paper just published by researchers Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang, the four outlined how the vulnerabilities could be used by an untrusted application to send SMS messages, record conversations, or even wipe all user data from the handset without needing the user’s permission…”

Bosco (Brad Hutchings)

Yes, but if you follow the whole narrative, it’s that the iPhone is completely secure and Android is not. Narrative isn’t quite so true as you’d like vis a vis this Carrier IQ stuff.

All that aside… The problem here is Carrier IQ and the data the carriers are collecting, not which platforms they target. If you let it get a foothold and become accepted on another OS, it will be full tilt on iOS too in time. A more subtle problem is really understanding what is collected, when, and why. Keystroke logging, while perhaps possible, would run afoul of wiretapping laws, if done in practice. This will most certainly prompt federal hearings into what these companies are doing.

skipaq

Carrier IQ needs to be looked at very closely. Are they selling a product or providing a service or both? What info is being collected and on what devices? If the carriers or developers are using Carrier IQ then they should also come under some scrutiny. I would think that anyone regardless of platform would want this stuff kicked off their device when it is done this way.

BurmaYank

(quoting from Bosco’s link) “Apple has added some form of Carrier IQ software to all versions of iOS, including iOS 5. However, the good news is that it does not appear to actually send any information so long as a setting called DiagnosticsAllowed is set to off, which is the default. Finally, the local logs on iOS seem to store much less information than what has been seen on Android, limited to some call activity and location (if enabled), but not any text from the web browser, SMS, or anywhere else.”

Other good news is that if you have set your “DiagnosticsAllowed” to “on”, apparently, all the archived text data is completely displayed for you to easily read/examine, there at “Settings/General/About/Diagnostics & Usage/Diagnostics & Usage Data”.

Bosco (Brad Hutchings)

This will most certainly prompt federal hearings into what these companies are doing.

Just call me Nostoboscodamus.

Lee Dronick

Other good news is that if you have set your “DiagnosticsAllowed” to “on”, apparently, all the archived text data is completely displayed for you to easily read/examine, there at “Settings/General/About/Diagnostics & Usage/Diagnostics & Usage Data”.

Thanks Yank. After I looked at my reports I decided to toggle on automatic send. I can understand that some people do not want to share that information even if they are all above board and that is their right. However, I want to help improve iOS.

wab95

Bryan et al:

Read the language very carefully from Carrier IQ, “...we are counting and summarizing performance, not recording keystrokes or providing tracking tools. The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools”.

This is masterful obfuscation. They state what they are doing with said data, “counting and summarising performance, not recording keystrokes or providing tracking tools”. To whom would they be providing tracking tools? Presumably to others who might in fact be recording keystrokes. If someone is recording keystrokes, CIQ can argue that they did not provide them with those tracking tools. They do not state that no one is collecting keystrokes, only that they, CIQ, are not. Only if CIQ are found to be recording keystrokes could they be accused of lying.

Moreover, the metrics and tools they derive (whatever they are and to whomever they provide them) are not designed to deliver such information (keystroke info). In other words, they are not contributing to the collection of keystroke info. Again, they do not deny that someone may be collecting it, but if so, they are doing it without tools directly provided by CIQ. Presumably, such parties are doing it with in-house solutions.

There can be only one reason why CIQ would develop a technology that could record and transmit such information. Someone wants it and paid CIQ to develop it. Why else do it, particularly if your own company has no intention of using it?

I would argue that, while one may want to look more closely at CIQ, a far more important question is, who are their true clients.

skipaq

Apple has made a public response to this tempest. Basically, they have stopped supporting Carrier IQ in iOS 5 and plan to remove it completely with a future update. They also stated once again their policy on data collection and sharing.

Winski

This exposes EVERY major US carrier, most device manufacturers and their OEMs to DIRECT ACCUSATIONS of Federal Wiretap Law violation.

HAHAHAHHAHAHAHAHAHAAAHAHAHAHAAHAAHAHAHDAH !!!

Now Sen. Franken…... TURN THE SNARLING DAWGS LOOSE !!!

RonMacGuy

Just call me Nostoboscodamus.

Eyes rolling…

BurmaYank

FYI - This update on this story, from a Scientific American blog, contained some more elaborated info that I hadn’t yet found elsewhere:

Is Carrier IQ’s Data-Logging Phone Software Helpful or a Hacker’s Goldmine? (By Larry Greenemeier - December 3, 2011):

Part 1 (of 2)
“U.S. mobile phone customers do not like spending a lot of money for their wireless gadgets. As a result many agree to restrictive contracts with AT&T, Sprint, Verizon and other wireless carriers in order to get a good deal. Until the recent uproar over the discovery of Carrier IQ’s analytics software running on a variety of mobile devices, including Apple iPhones and Google Android phones, however, most consumers failed to recognize that they also have little control over the software installed on the highly subsidized handsets they buy. Nor was it clear just how much of a security and privacy risk Carrier IQ’s software creates by gathering and storing data about how and where a person’s mobile phone is used.

Carrier IQ has positioned its software, installed on more than 141 million handsets worldwide, as a mobile agent that helps carriers improve service for wireless customers by providing data on customer usage patterns. These improvements include reducing dropped calls and extending device battery life, Carrier IQ CEO Larry Lenhart said in a video recently posted to YouTube.

Controversy over what else the company could do with the information it gathers arose a few weeks ago, when software developer Trevor Eckhart pointed out on his Android Security Blog that Carrier IQ can tap into a variety of information stored on a handset, including “manufacturer and model, available memory and battery life, the type of applications resident on the device, the geographical location of the device, the end user’s pressing of keys on the device, usage history of the device, including those that characterize a user’s interaction with a device.” Eckhart, who claims to have obtained this information from a Carrier IQ patent filing, then tested the software for himself.

Eckhart’s subsequent claims that Carrier IQ is a “rootkit” that logs mobile phone users’ activity and location prompted the company to obtain a cease-and-desist order, which was later rescinded when Eckhart retained the Electronic Frontier Foundation. Rootkit is a loaded cyber-security term referring to keylogging, trojan or other software installed without a user’s consent or knowledge for the purpose of tracking activity on that device. More recently, software developer Grant Paul (a.k.a. chpwn) claimed that Carrier IQ is installed on iPhones as well as the Android, Blackberry and Nokia phones originally identified by Eckhart. Apple has since distanced itself from Carrier IQ, as Macworld.com noted on Thursday.

More disconcerting than the evidence that Carrier IQ is collecting sensitive data is the lack of evidence that the company knows how to protect that data, says Chris Soghoian, a privacy and security researcher at the School of Informatics and Computing at Indiana University Bloomington. “You have this application running on your phone with basically full privileges—able to access users’ e-mails, phone calls, location information, text messages and photographs—and it’s just sitting there,” he adds. “Even if you believe that Carrier IQ is well-intentioned or believe that the carriers are not receiving this information, you still have a security crisis just waiting to happen when a hacker figures out how to exploit this information. This is an absolute gold mine for hackers or intelligence agencies or law enforcement.”

(Continued in my next comment, below)

BurmaYank

FYI - Part 2 (of 2) - This update on this story, from a Scientific American blog, contained some more elaborated info that I hadn’t yet found elsewhere: Is Carrier IQ’s Data-Logging Phone Software Helpful or a Hacker’s Goldmine? (By Larry Greenemeier - December 3, 2011):

(Continued from my previous comment, above)

“...The notion that spy agencies or law enforcement could take advantage of Carrier IQ to access private information is particularly relevant given the California Supreme Court case earlier this year that awarded police the authority to search mobile phones without a warrant.

Carrier IQ’s software is like “a gremlin living inside your phone that has the capability to report back to someone else if asked to do so,” says Soghoian, who is also a graduate fellow at the Indiana University’s Center for Applied Cybersecurity Research. Despite Carrier IQ’s claims that it is working to improve network performance for callers, Soghoian adds, the company is hired by the carrier and the performance improvements are only a marginal aspect of what the collected user data could be used to do.

The backlash against Carrier IQ—as well as the mobile phone makers and carriers that permitted the software to be installed—has been extensive. U.S. Sen. Al Franken (D-Minn.) (pdf) and Rep. Ed Markey (D-Mass.) have called for investigations into Carrier IQ’s presence on mobile phones. Germany’s Bavarian State Authority for Data Protection has contacted Apple to find out more about its role in Carrier IQ use. Regulators in the U.K., France, Ireland and Italy are likewise reviewing whether Carrier IQ is in use in their jurisdictions, according to Bloomberg.

While policy makers question the company’s intentions, Soghoian scoffs at the idea of premeditation. “Instead of assuming that the company is being nefarious, it’s much better to assume that they’re inept,” Soghoian says. “It’s always safer to assume ineptitude and incompetence, and in this case there seems to be ample evidence of both.”

What I’m still waiting to learn is this:  Even though they may be technically telling the truth when Nokia claims that “Nokia does not put CarrierIQ on any products…” and when Research In Motion has similarly denied the use of CarrierIQ, has CarrierIQ nevertheless been installed on all those products by someone (i.e. -by their carriers, or as a secret government datamining backdoor for the NSA/FBI/DEA or Echelon, mandated by some secret TIA-enabling law, etc.)?

I’m not holding my breath, though.

Winski

BurmaYank… THANK YOU…...

These clue-free pundits that keep crawling out of the pock-marked woodwork to profess and pontificate how this is just good data collection methodology and Network-enhancing monitoring leave most of us speechless about how little they actually know… Scary…

MacFrogger

MacFrogger said:

Disgusting. This company should be - and will be - driven out of business by a class-action lawsuit or two.  And they deserve it!!

Just call me Nostrofroggodamus!

With apologies to Bosco - just couldn’t restrain myself!
