The point to be made here is that CarrierIQ is collecting too much data and without consent of handset owners.

The fact that it collects less on the iPhone (i.e. no keylogging) is irrelevant and still invalidates the "Apple's closed system is better, Android is more susceptible" banter people have been throwing around. Also, I didn't see in the research if key logged data was actually being transmitted. So, like kdarling mentioned, if this data is stored in some debug log it's not a big deal anyway.

It also appears to be on dumb phones. Check out CarrierIQ's web page.

So this still brings us to the one UNIFIED issue all devices share: CarrierIQ is collecting too much data and without consent of handset owners. They should have a switch that can be turned on or off by users. It looks like most of what CIQ is meant for is reporting poor service to tell carriers what towers need work. So that's fine. I'd give consent to share where my calls are made from and where dropped calls are, nothing more though since it is something that serves a purpose.
 
No. It was only a cache of cell tower locations on iOS. This doesn't even compare.

Fair enough. I don't know much about either issue tbh.

However I distinctly remember you sticking up for Apple when it was suspected that Apple were keeping info of where their iPhone customers are. You said something along the lines of "Who cares if Apple know where I've been today? It hardly matters."

So we all know what you think of the issue don't we? I'd find a quote but I really cba trawling through pages and pages just to prove my point.
 
The point to be made here is that CarrierIQ is collecting too much data and without consent of handset owners.

The fact that it collects less on the iPhone (i.e. no keylogging) is irrelevant and still invalidates the "Apple's closed system is better, Android is more susceptible" banter people have been throwing around. Also, I didn't see in the research if key logged data was actually being transmitted. So, like kdarling mentioned, if this data is stored in some debug log it's not a big deal anyway.

It also appears to be on dumb phones. Check out CarrierIQ's web page.

So this still brings us to the one UNIFIED issue all devices share: CarrierIQ is collecting too much data and without consent of handset owners. They should have a switch that can be turned on or off by users. It looks like most of what CIQ is meant for is reporting poor service to tell carriers what towers need work. So that's fine. I'd give consent to share where my calls are made from and where dropped calls are, nothing more though since it is something that serves a purpose.

On the iPhone, so far as I can tell *nothing* is collected without your consent (at least on iOS 5). When you set the phone up it asks you if you want to submit usage data to improve their products etc. If you don't turn that switch on, it's disabled.

If you do turn it on, it collects (so far as I can see, having scanned through a few weeks worth of logs earlier) only data that's seriously useful for apple and the networks. I.e. dropped calls, network issues, app crashes, battery usage. The only personal data I saw was my phone's serial number.

Compare that to what people have seen on android: recording phone numbers and passwords typed into secure forms, and you might see where there's an issue ;) Then again, I've not seen evidence that data is being sent anywhere. It might just record all that but only send the same data that the iPhone does.

And yes, apple definitely comes out looking good on this one. Not because it's "closed" instead of "open" or any crap like that. Just because apple won't let the carriers install whatever crap they want to on the phone. That's why the iPhone version does what it's supposed to do, and doesn't go data mining. It's not google putting this on android phones, it's the phone networks (and perhaps some manufacturers).
 
So, let's look at this Giz article. This shows that Carrier IQ (at least for pre-iOS 5 versions) is limited to Diagnostics Mode and is turned off by default. Not only that, but CIQ has much less access than the Android version has. On iOS, Carrier IQ can (only in Diagnostics Mode) log your name, phone number, call information, and location data. Plus, in iOS 5, Apple has largely cut Carrier IQ usage and plans on getting rid of the rest in the near future.
 
On the iPhone, so far as I can tell *nothing* is collected without your consent (at least on iOS 5). When you set the phone up it asks you if you want to submit usage data to improve their products etc. If you don't turn that switch on, it's disabled.

If you do turn it on, it collects (so far as I can see, having scanned through a few weeks worth of logs earlier) only data that's seriously useful for apple and the networks. I.e. dropped calls, network issues, app crashes, battery usage. The only personal data I saw was my phone's serial number.

Compare that to what people have seen on android: recording phone numbers and passwords typed into secure forms, and you might see where there's an issue ;) Then again, I've not seen evidence that data is being sent anywhere. It might just record all that but only send the same data that the iPhone does.

And yes, apple definitely comes out looking good on this one. Not because it's "closed" instead of "open" or any crap like that. Just because apple won't let the carriers install whatever crap they want to on the phone. That's why the iPhone version does what it's supposed to do, and doesn't go data mining. It's not google putting this on android phones, it's the phone networks (and perhaps some manufacturers).

The official word (from Apple and from people looking into packet transferring) is that starting with iOS 3 and ending with iOS 5, Apple had CarrierIQ installed on iPhones. It ran ONLY when the phone was in diagnostic mode, and logged such things as location, call times and lengths (but not keystrokes, the people you were calling, or anything else of a personal nature aside from location). This was never turned on for most people, because almost no one goes into diagnostic mode.

They removed it from iOS 5, but references to it remained in the software. In a new update, Apple promises to finish removing it, including all of those references.
 
I think that it is dishonest to lay any blame on Android or Google with regards to CarrierIQ. The blame should be placed on both the carriers and the manufacturers who bake CarrierIQ into their build of Android. I'm hoping that this bites them both in the rear.

I am happy that Apple took a positive stance on this issue and has stated that all traces of CarrierIQ will be removed from iOS in a future update. I do have a problem that they (the only one to have access to the hardware and OS) had incorporated this into iOS previously, and that they made this announcement only in response to the press this issue is now receiving. [EDIT - I worded this wrong, as I know Apple has been in the process of removing this for some time]

Also in regards to this being a Google and Android problem, the only phone that they have some control over, the Samsung Galaxy Nexus - will not have any trace of CarrierIQ as this will be a pure implementation of Android.

I hate reading when issues like this are used by fans of a particular platform to try to malign another platform. Instead everyone should be outraged that 'spyware' such as this has been allowed to be used without customers' consent, and should make their voices heard that this type of behavior is not acceptable from any government or corporation.
 
So, let's look at this Giz article. This shows that Carrier IQ (at least for pre-iOS 5 versions) is limited to Diagnostics Mode and is turned off by default. Not only that, but CIQ has much less access than the Android version has. On iOS, Carrier IQ can (only in Diagnostics Mode) log your name, phone number, call information, and location data. Plus, in iOS 5, Apple has largely cut Carrier IQ usage and plans on getting rid of the rest in the near future.

So now what's your excuse OP? Apple has just acknowledged CarrierIQ has been on iOS for a long time. And don't we forget the problem they had with the localization issue also. Are you going to keep criticizing Android? Now we see you are an Apple fanboy.
 
Also, another researcher just pretty much confirmed what kdarling mentioned.

http://latimesblogs.latimes.com/technology/2011/12/carrier-iq-privacy.html

Just because it shows up in the debug log as triggering on a key-press doesn't mean it's being recorded or sent to CIQ. According to this researcher... it is not.

So looks like it's a big scandal over nothing! Bad press for CIQ anyway... they should just rebrand haha.

That's a bit more useful. So the key logging is basically nothing - no evidence to suggest that they're using that data at all.

Except that they ARE logging the keystrokes it seems. Only to the android logging system, but this is still bad news. The log is meant for storing debugging info and the like, no keystrokes. As such, it's not normally secure. If somebody has access to your phone (or quite possibly your computer you sync it with) or your backups, they have access to all that data. Did you log into your online bank account? Username and passwords are stored in there, perhaps straight after the URL of the login page.

To me that sounds more like a screwup on the developers' part than anything nasty, but still - I'd say having your passwords logged unencrypted is MUCH worse than apple's location tracking scandal. Especially if it's logging the location data too!
 
Compare that to what people have seen on android: recording phone numbers and passwords typed into secure forms, and you might see where there's an issue ;) Then again, I've not seen evidence that data is being sent anywhere. It might just record all that but only send the same data that the iPhone does.

Most developers have used that log. All we have here is a case of extra logging not being turned off in production code.

And yes, apple definitely comes out looking good on this one. Not because it's "closed" instead of "open" or any crap like that. Just because apple won't let the carriers install whatever crap they want to on the phone.

Instead, they installed it themselves.

That's why the iPhone version does what it's supposed to do, and doesn't go data mining.

It's not data mining, it's just dumb over-logging, probably by a young programmer (who's getting older by the second now :) )

It's not google putting this on android phones, it's the phone networks (and perhaps some manufacturers).

Apple was doing the exact same thing. They collect random diagnostic information about phone calls, including your location. The idea is to watch for trouble brewing in a certain location.

Apple also sends up hotspot information when a phone is turned on, if a call fails, and at other times... without asking permission once location services are on.

--

The biggest problem with letting that ignorant "researcher" cause so much furor, is that such location and diagnostic services actually help us all out.

That said, a person should be able to opt out of sending any info at all, if they wish.
 
From what I've read this is something that US operators put on the phones. Sprint has admitted it already.

I have a sim free sgs2 in the uk and there's no carrier iq on it.
 
Android can do everything iOS can but often in a "less clean" fashion. It's a lot more flexible and feature packed, but doesn't offer an integrated, simplistic experience.
This. Android can do way more than iOS, but iOS is prettier.
 
You Android fans should be thanking Apple for the iPhone, without which you wouldn't have the Android device you're using today in the first place.

It goes both ways.

Android already existed in its current form before the iPhone came out.

http://mobile.osnews.com/printer.php?news_id=25264

This fiasco leaves me disgusted at the carriers in the US. I mean, I already feel I have enough reason to be disgusted at them (price fixing, ridiculous advertising, abusive caps and texting rates, and mergers are a few great examples). To them, our damn monthly fees just aren't enough. No, they have to go data mining to get even more money. Ahhh greed.
 
Most developers have used that log. All we have here is a case of extra logging not being turned off in production code.

--

The biggest problem with letting that ignorant "researcher" cause so much furor, is that such location and diagnostic services actually help us all out.

That said, a person should be able to opt out of sending any info at all, if they wish.

Yep, from what I've read since, it seems that this stuff just gets logged, but never transmitted. The meaning of 'logged' in that sentence is pretty critical though - does it get logged as in stored on disk? That would be bad news - worse, I'd say, than the apple location fiasco because of the data it contains.

There's an interesting interview with the company here: http://www.theregister.co.uk/2011/12/02/carrier_iq_interview/

They're saying things like key presses get checked and discarded immediately. That would make total sense to me - creating a text-style log of each keystroke would be very wasteful. But on the android video we saw, it didn't look like a simple bit of code checking the key press and discarding. It looked more like a log file, although he was supposedly using a packet sniffer. The only thing I can think is that the keyboard handler sends the key presses to CIQ via the network, presumably on the loopback address so it stays on the phone.

Anyway, sounds like worst case it's just a coding error that will have nasty privacy implications if you lose your phone, best case it's just a diagnostics tool doing its job and nothing to worry about.

Oh, and let me correct that last line of yours :)

That said, a person should be able to opt IN to sending any info at all, if they wish.

Last thing: Anyone thinking they don't have this software on their phone, so they're safe - think again. If your phone has NO diagnostics software, if you have a problem the manufacturer/carrier can't check to see what's going wrong. That isn't good!

The alternative is that it DOES have diagnostic software, and you don't know about it. It's not CIQ which is getting so much attention now, and is looking somewhat 'storm in a teacup'. But you might have something just as bad as CIQ was looking, and know nothing about it. That isn't good either ;)

But most likely you have some diagnostics software, and it just does what it's supposed to do - report stuff that goes wrong as anonymously as possible, help you out if you have problems. Hopefully it's opt-in too, so it's not reporting stuff and wasting your battery while you don't need it.
 
Yep, from what I've read since, it seems that this stuff just gets logged, but never transmitted.

Yep, exactly as I said from the very first. It was pretty obvious to anyone who writes stuff like this.

The meaning of 'logged' in that sentence is pretty critical though - does it get logged as in stored on disk? That would be bad news - worse, I'd say, than the apple location fiasco because of the data it contains.

Right again. It is definitely a dumb move and something that a more experienced (as in: has gotten bit before) developer would not have left turned on.

But then, even Apple's programmers set their location cache to a size that left info for over a year.

Programmers make mistakes. It's not a conspiracy. No one is out to get us. It's just a mistake.

There's an interesting interview with the company here: http://www.theregister.co.uk/2011/12/02/carrier_iq_interview/

They're saying things like key presses get checked and discarded immediately.

Thank you very much for that article. It perfectly explains why their software watches texts and keystrokes:

1) They watch texts for a special one with a command to send their gathered debug statistics (NOT the log).

That's how most phones do remote clearing, as well.

2) They watch keystrokes for special sequences that trigger field commands.

A Blackberry has special keystrokes like that. For example, alt-LGLG lets you see a detailed log. And on most phones, including the iPhone, there is a special telephone number that is watched for to enable field tech mode.

That would make total sense to me - creating a text-style log of each keystroke would be very wasteful. But on the android video we saw, it didn't look like a simple bit of code checking the key press and discarding. It looked more like a log file, although he was supposedly using a packet sniffer.

Ah. That is the part that perhaps everyone is missing. There is a rolling global log file in most smartphones that developers can write to. This is simply that.

To see it in realtime, you hook your device to a PC running the Android debug software. A million developers a week do it. That's all he did. No packet sniffing. He just set up a simple filter to show just that app and watched the log.

So yes, the keystrokes are discarded. Almost everything is. It's just logged so the programmer can make sure his app is watching correctly for those special sequences. Again, doing this is as common as dirt.

The only thing I can think is that the keyboard handler sends the key presses to CIQ via the network, presumably on the loopback address so it stays on the phone.

Nope. It's just a local rolling log that you watch from an attached PC. See above.

Anyway, sounds like worst case it's just a coding error that will have nasty privacy implications if you lose your phone, best case it's just a diagnostics tool doing its job and nothing to worry about.

Exactly. And easily fixed in the future by turning it off before production.

Most importantly, I'm 99% sure that when the device reboots, the logs are cleared. (It's actually a developer complaint - grin.) But let me check that.

Edit later: Okay, I checked an Incredible and the log rolls about every 30 minutes. It also clears when you reboot. There are plenty of log viewer apps in the Android Market, btw. Heck, there's even a live wallpaper that continuously shows what the system is logging. This is not some mysterious thing the guy discovered.

Regards.
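The mechanism described in the post above, as an added example that is not part of the thread and is not CarrierIQ's code: a watcher that checks key presses against a trigger sequence and discards them, writing to a rolling log, with the per-key debug line that is supposed to be switched off before release. The class and function names, the `show_log` command and the typed input are constructed for illustration; the `LGLG` sequence is borrowed from the Blackberry example in the post.

```python
import logging
from collections import deque


class RingLogHandler(logging.Handler):
    """Stand-in for the phone's rolling global log: keeps only the newest lines."""

    def __init__(self, capacity=256):
        super().__init__()
        self.lines = deque(maxlen=capacity)

    def emit(self, record):
        self.lines.append(record.getMessage())


class FieldCommandWatcher:
    """Watches key presses for trigger sequences and discards everything else."""

    def __init__(self, triggers, log, verbose_keys=False):
        self.triggers = dict(triggers)  # sequence -> command name
        # Only as many keys as the longest trigger are ever held in memory.
        self.window = deque(maxlen=max(map(len, self.triggers)))
        self.log = log
        self.verbose_keys = verbose_keys  # debug switch meant to be off in production

    def on_key(self, key):
        if self.verbose_keys:
            # The over-logging under discussion: every key lands in the shared log.
            self.log.debug("key=%s", key)
        self.window.append(key)
        recent = "".join(self.window)
        for seq, command in self.triggers.items():
            if recent.endswith(seq):
                self.window.clear()
                # Production-safe line: records the event, not the keys.
                self.log.info("field command: %s", command)
                return command
        return None


def run_session(typed, verbose_keys):
    """Feed a string of key presses through the watcher; return (commands, log lines)."""
    handler = RingLogHandler()
    log = logging.Logger("diag", level=logging.DEBUG)  # standalone logger, no root handlers
    log.addHandler(handler)
    watcher = FieldCommandWatcher({"LGLG": "show_log"}, log, verbose_keys)
    commands = [c for c in map(watcher.on_key, typed) if c]
    return commands, list(handler.lines)


def keys_exposed_in_log(lines):
    """What anyone able to read the log could reconstruct from it."""
    return "".join(line[len("key="):] for line in lines if line.startswith("key="))


if __name__ == "__main__":
    typed = "hunter2LGLG"  # constructed input: a password followed by the trigger
    for verbose in (True, False):
        commands, lines = run_session(typed, verbose)
        print(verbose, commands, repr(keys_exposed_in_log(lines)))
```

Both runs detect the field command; only the run with the debug switch on leaves the typed password readable in the log.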
 
Any unencrypted log of keystrokes is a security risk. I wouldn't care if it was sent via the network or not, for inevitably some hacker will exploit it. Logging keystrokes just adds a vulnerability that is not necessary. Besides, why have diagnostic software installed at all? Why not wait until there is a problem and then ask the user's permission to install a given diagnostic utility? Frankly all of this reeks of the disregard companies have for threats to personal privacy.
 
Any unencrypted log of keystrokes is a security risk. I wouldn't care if it was sent via the network or not, for inevitably some hacker will exploit it. Logging keystrokes just adds a vulnerability that is not necessary.

Agreed, any log at all is a security risk. However, they're also necessary for application development and to conserve battery or data (e.g. the way that Apple batch-sends logged hotspot info to themselves about once a day via WiFi.)

So there needs to be a happy medium. Your suggestion of encryption is a good idea.

Besides, why have diagnostic software installed at all? Why not wait until there is a problem and then ask the user's permission to install a given diagnostic utility?

That's like saying, why not wait until a dam breaks before repairing it.

It makes infinitely more sense to keep on top of potential problems before they affect hundreds or thousands of people.

For that, you need both carrier and device info so it can be matched up. E.g. knowing that multiple phones tried to send a text in a certain cell group, but failed, is something that might not be visible just from the carrier side.

Frankly all of this reeks of the disregard companies have for threats to personal privacy.

On the contrary, I think that at the highest levels, companies care very much. The real life problem comes with inept implementation at the lower level.

I doubt the carriers knew about the leftover debugging, and I bet the CarrierIQ programmer(s) who left it in are also getting raked over the coals.
 
Perhaps the solution is to find some way of completely debugging prior to releasing software or hardware to the public. I get that the last bugs are always the worst bugs because they are the least obvious and usually occur under a restricted set of conditions (I have some coding experience - that is if you count scientific programming as coding - and I appreciate how useful diagnostic tools can be). Still, you'd think that there would be a better way than releasing products in the wild with the expectation that they will be buggy. After all, the relationship between inputs and outputs on digital processors is wholly deterministic....

All I can say is thank goodness that some of the people writing commercial apps don't code control systems for nuclear power plants or airplanes....
 
Perhaps the solution is to find some way of completely debugging prior to releasing software or hardware to the public.

Code is imperfect. It's just a fact. Unless something is dead simple it's going to have bugs. The only measure is how severe.

All I can say is thank goodness that some of the people writing commercial apps don't code control systems for nuclear power plants or airplanes....

They are. ;) Those things tend to move slower though. More testing before release to make sure there are fewer issues. That time is just not there in the Consumer market. If you snooze you lose! The product is made and goes through a "reasonable" amount of testing, and then released.

Usually it is sufficient, but every so often there will be a test case you didn't think of. Unfortunately for this developer... it caught a bit too much heat.
 