The uproar surrounding an app made by California-based Carrier IQ, which apparently transmits piles of private data from users smartphones, has reached all the way to top of the US government and the wireless industry.
After the covert piece of software was discovered by Android developer Trevor Eckhard last week, Sen. Al Franken (D-MN) today issued a letter to Carrier IQ, asking the company to clarify what, exactly, its so-called “diagnostics” software was transmitting, and to whom the private information — data that appears to include all keystrokes logged on the phone, the contents of incoming text messages, location data (even when location sharing was expressly forbid), phone numbers called — is sent.
In addition, a growing number of companies in the smartphone industry have responded to the report, either confirming or denying their use of Carrier IQ. So, are you one amongst the unlucky millions affected by Carrier IQ’s invasive — if not illegal — secret software? Here’s a list of all those who have admitted to using the software, or denied it.
Uses Carrier IQ software:
• Apple: An Apple spokesperson has confirmed with AllThingsD that Carrier IQ was used in past versions of iOS, but the company has stopped using it in “most” of its devices, and “will remove it completely in a future software update.” Apple says that it has “never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.”
• AT&T: The second-largest US wireless provider says it does install and us Carrier IQ’s software, but that it does so entirely for quality control purposes. It is not clear whether the software is present on all AT&T handsets, or only a select few.
• Sprint: Like AT&T, Sprint has confirmed the use of Carrer IQ software. Again, they company says it’s just for assessing quality of its service.
“We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc., using this tool,” said Sprint spokeswoman Stephanie Vinge-Walsh in an email to Computerworld. “The information collected is not sold and we don’t provide a direct feed of this data to anyone outside of Sprint.”
• HTC: The company says that it uses the Carrier IQ software, but insists that the data transmitted is not used for any nefarious purposes. That said, HTC also says that it’s inclusion on their phones is due to a requirement by “a number of US carriers.”
Here is a portion of HTC’s statement on the matter
• Samsung: As is the case with HTC, Samsung says that the Carrier IQ software is on many of their handsets, but that it is the carriers that collects the data, not them.
Does NOT use Carrier IQ software (and/or denies it):
• Nokia: Despite the fact that Eckhard, who originally discovered the Carrier IQ software, says he has found the app on Nokia handsets, Nokia has firmly denied this, and says that the software isn’t compatible with its devices.
• Research In Motion: BlackBerry handsets were also singled out by Eckhard as having the software installed, a claim RIM has firmly denied.
“RIM can attest that it does not pre-install the CarrierIQ application on BlackBerry smartphones and has never done so. Furthermore, RIM does not authorize its carrier partners to install the CarrierIQ application on BlackBerry smartphones before sales or distribution and has never done so.” (via BlackBerry support forums)
• Google: While Carrier IQ does appear on a large number of Android handsets, Google was one of the first to state that it has not installed the app on any of its flagship Android devices, which include the Nexus One, Nexus S and the new Galaxy Nexus).
• Verizon: In a tweet to The Verge editor Joshua Topolsky, Verizon spokesperson Jeffrey Nelson firmly states that Carrier IQ is not on any Verizon Wireless phones.
• Microsoft: No Windows Phones have been found to use Carrier IQ software.
• US Cellular: Like Verizon, US Cellular says it does not install, or require handset makers to install, Carrier IQ on its network’s devices.
• T-Mobile: Of the US carriers, this one is the most oblique, with T-Mobile saying in a tweet that they do not ask device manufacturers to put Carrier IQ software on their devices. (Of course, this doesn’t necessarily mean it’s not on there.)
(Outside the US, UK carrier Vodaphone and O2 say they do not use Carrier IQ software.)
Things to remember
It is impossible to tell whether your handset has Carrier IQ installed, unless you run a test — it doesn’t have an icon. And even if a device manufacturer denies using Carrier IQ it’s still possible that the carrier requires its installation, so don’t assume you’re not being watched just because you have a Nokia or BlackBerry handset.
Fortunately, Eckhard has written an app (for Android only, at the moment) called Logging TestApp Pro ($1 from the Android Market), that can tell you if Carrier IQ is installed, and can remove the software altogether.
There are a few caveats to this cleansing, however; first, the removal does not always work. Second, your phone must be rooted for the app to work at all. (See instructions for how to root your device here.)
The only other way to get the software off your device is to completely wipe your phone, and reinstall it with a new operating system. The process for doing that can be a bit tricky, and is different for different devices, so we suggest Googling “your handset + install new OS,” if you really want to go that route. But remember — there’s a chance this software really is only being used to improve your mobile service, not to spy on your text message, location and phone calls. So if you want to give these companies the benefit of the doubt, feel no need to go through any of this.
Help root out Carrier IQ
If any of you conclusively discover that Carrier IQ either is, or isn’t, installed on your device, please let us know in the comments, with the name of your device, and your carrier. Or you can shoot it over to me on Twitter @andrewcouts. I will add any discoveries to this list, so other users can know whether or not their information is potentially being shared via Carrier IQ.