Mobile users, beware: you’re being watched — constantly. An Android developer claims to have discovered an app that comes pre-installed on millions of Android and BlackBerry handsets, that records all activity on the device. That includes calls, location, and every key pressed on the device.
Update: Nokia says that reports that this software is installed on its devices is incorrect, and that the software won’t work with their systems.
The app, created by California-based software company Carrier IQ, is shown in a video posted to YouTube (see below) by developer Trevor Eckhard logging every key he pressed, in real time. The software even recorded Eckhard’s geographic location, when connected to Google via Wi-Fi — not 3G — even though he denied permission for Google to track his whereabouts. Calls aren’t safe, either.
“Every button you press in the dialer before you call,” Eckhard says on the video, “it already gets sent off to the IQ application.”
According to Carrier IQ, the software is simply used to assess quality control, telling Wired that the app is for “gathering information off the handset to understand the mobile-user experience, where phone calls are dropped, where signal quality is poor, why applications crash and battery life.”
The company also denied that the software transmits user data in real time.
“Our technology is not real time,” said Andrew Coward, Carrier IQ’s VP of marketing, in an interview last week. “It’s not constantly reporting back. It’s gathering information up and is usually transmitted in small doses.”
So when Eckhard dubbed the software a “rootkit” — a term typically associated with trojans and other malware — Carrier IQ threatened to wage a legal battle against Eckhard. The company quickly pulled off its dogs, however, after the Electronic Frontier Foundation came out in support of Eckhard’s claims. Carrier IQ also denies that its software records keystrokes — a claim obviously refuted by Eckhard’s video.
The only way to rid your device of Carrier IQ’s invasive monitoring software is to completely wipe your device, and reinstall it with a new operating system.
This is, of course, not the first time we’ve learned about our mobile devices betraying our private data. But it doesn’t make it any less troublesome, this time around.
So how do you stop it without giving up your phone? Is there a list being created of phones that do NOT have this invasive software? I’m kind of annoyed that this part of the issue is not truly addressed. I’m grateful that you enlighten me, but now I just walk around pissed and not wanting to use and appreciate what my phone can do for me. What about a solution. It would be “cooler” if the article touched upon a solution whether it is now or being worked on.
Just so you know, I did actually highlight the one and only solution there is: “The only way to rid your device of Carrier IQ’s invasive monitoring software is to completely wipe your device, and reinstall it with a new operating system.” There is not another solution.
You are obviously, exactly right. You said exactly that. I must have jumped to the video, gotten bothered and posted before reading everything. I apologize.
Do you know if there is a list being created of phones that do not have Carrier IQ hidden in them? Do you know if there is a “standardized” way to format and install a generic Android system without the “fluff” companies add? And, lastly, do you know if doing so would conflict with agreements we would have had to make with our carrier (i.e. Verizon)?
Thanks for your article and your patient response.
No problem, at all. It was tucked in there right at the end, so it’s easy to miss.
In terms of devices that don’t have it, Nokia says that none of it’s devices have it installed, despite Eckhard’s findings. Also, Google says that none of the three Nexus-branded devices have it installed. And Apple apparently has it sort-of installed on all version of iOS, meaning that at least parts of the IQ software are there, but it does not send out data, unless the “diagnostics” option is turned on. And it’s turned off, by default. At least, that’s what I’m hearing and reading. We’ll see once more info becomes available.
Thanks for reading!
Just going off what Andrew already said, all three Nexus phones are void of Carrier ID, and from what I’ve seen there has been no sign of Carrier ID on WP7 devices, but it might just be a matter of time before that is discovered.
And from my understanding wiping the phones and doing a clean install would void warranties, but I don’t believe it is a breach of contract with your wireless provider.
That’s why you should’ve bought a Mac!
#Twitter
#Fascistmachinery. #pigs.
Huh.. Pretty generic headline.. I wonder if iOS was affected what it would have read.. :)
Going back to drum signals fuck the electronic age
I’m currently using a carrier unlocked Nexus S, and I don’t see any signs of Carrier IQ in my running apps, very scary video though.
go download trev’s APK…..it’s not something you can just ‘see’ without having an app to look for it
interesting… My incredible does not have Carrier IQ on it… or Tell HTC on my “About phone” info.