Carrier IQ Logging Software Found on Many Mobile Phones

MacRumors

macrumors bot
Original poster
Apr 12, 2001
48,743
10,148





Over the last couple of days, there has been a significant amount of press over the findings of Trevor Eckhart who exposed the presence of extensive logging software found on many Android, BlackBerry and Nokia phones. A video showing the extent of the logging was posted and is summarized by PCWorld. The software is called "IQRD" by a company called Carrier IQ.:
After connecting his HTC device to his computer, Trevor found that IQRD is secretly logging every single button that he taps on the phone--even on the touchscreen number pad. IQRD is also shown to be logging text messages.

In the video, Eckhart shows that Carrier IQ is also logging Web searches. While this doesn't sound all that bad by itself, it suggests that Carrier IQ is logging what happens during an HTTPS connection which is supposed to be encrypted information. Additionally, it can do this over a Wi-Fi connection with no 3G, so even if your phone service is disconnected, IQRD still logs the information.
It doesn't seem entirely clear what information is transmitted and used, though the presence of the software itself has generated many privacy concerns. Eckhart noted in his original findings that on his Android HTC phone, there was no way to turn off logging. He also notes that the Carrier IQ application is embedded so deeply that it can't be fully removed without rebuilding the phone from source code. Forbes is suggesting that the company may have even violated wiretapping laws based on its actions. Carrier IQ maintains that its actions are aimed at device performance only.

Tonight iPhone developer @chpwn reported on Carrier IQ references in Apple's iOS as well, though its logging seems to be much more in line with Carrier IQ's official statements about device performance. (The references were first spotted by Intell on our own forums). Chpwn reports:
Importantly, it does not appear the daemon has any access or communication with the UI layer, where text entry is done. I am reasonably sure it has no access to typed text, web history, passwords, browsing history, or text messages, and as such is not sending any of this data remotely.
The information logged for iOS seems limited to phone call activity and location (if Location Services are enabled). Also unlike the implementation found on Eckhart's HTC, iOS users can opt out of these diagnostics by simply going to Settings -> General -> About -> Diagnostics & Usage -> Don't Send. The actually logged diagnostic data appears to be fully accessible for perusal in that same setting menu.

TUAW describes the iOS findings as "probably benign" and consistent with expected network performance diagnostics.

Article Link: Carrier IQ Logging Software Found on Many Mobile Phones
 

fins831

macrumors 6502a
Oct 7, 2011
655
0
Between the Malware on Android and now this, is the open source really worth it?
 

econgeek

macrumors 6502
Oct 8, 2009
337
0
More BS linkbait. There is no key logging software, and no evidence that any key logging has been done in iPhones. The software that is there, reports metrics, but only in diagnostic mode.

Calling it "key logging" which is a common term for software that secretly logs ALL keystrokes is, quite frankly, dishonest.

But then, that's what passes for "journalism" these days.

Maybe on the upside it will knock $5 off Apple's stock price tomorrow.
 

dethmaShine

macrumors 68000
Apr 13, 2010
1,697
0
Into the lungs of Hell
No he didn't. I did: https://forums.macrumors.com/threads/1284749/

My posts here predate his tweets and I first mentioned this on MacRumors on November 25.
Well you're on twitter. Your fault.

/jk

Credit where credit is due. You know what? You should get a blog! and now a twitter account.

EDIT: 25th? Please post the links. I don't wish to police but actually wish to read more on this matter. Thanks!
 
Last edited:

Abyssgh0st

macrumors 68000
Jan 12, 2009
1,888
8
Colorado
I don't understand what the hubbub is about. People have massive digital footprints that they are very clueless about.

The Fourth Amendment to the United States Constitution means nothing when referring to corporations- we all agreed to it in the Terms and Conditions.
 

JackieTreehorn

macrumors 6502
May 22, 2005
424
313
Brussels
http://www.xda-developers.com/android/the-storm-is-not-over-yet-lets-talk-about-ciq/

Well, as you are all aware by now, and as I stated a few moments ago, there was a formal apology letter posted by CarrierIQ on their website, which you can all read from the link that I just posted. However, there are a few items in here that we are not entirely happy with
- Does not record your keystrokes.
- Does not provide tracking tools.
- Does not inspect or report on the content of your communications, such as the content of emails and SMSs.
- Does not provide real-tie data reporting to any customer.
- Finally, we do not sell CarrierIQ data to third parties.
- Does not record your keystrokes. – Yes, it does
- Does not provide tracking tools. – Being able to pin point you by signal and geographical coordinates every time your device polls for location…. Yes, it does
- Does not inspect or report on the content of your communications, such as the content of emails and SMSs. – Yes, it does that and more…
- Does not provide real-time data reporting to any customer. – Yes, it does (so as long as the device has signal)
- Finally, we do not sell CarrierIQ data to third parties. – Prove it
 

Intell

macrumors P6
Jan 24, 2010
18,897
407
Inside
dethmaShine said:
Credit where credit is due. You know what? You should get a blog! and now a twitter account.

EDIT: 25th? Please post the links. I don't wish to police but actually read more on this matter. Thanks!
I can't write blogs to save my life. I'm unsure of exactly where I first posted it, but I do have GoogleTalk logs in which I discussed it with one of my peers from the 25th.
 

arn

macrumors god
Staff member
Apr 9, 2001
14,985
2,728
I can't write blogs to save my life. I'm unsure of exactly where I first posted it, but I do have GoogleTalk logs in which I discussed it with one of my peers from the 25th.
I updated the story.

arn
 
Last edited:

fins831

macrumors 6502a
Oct 7, 2011
655
0
Even HTTPS sites can be keylogged, which are supposed to be encrypted for safety...iOS has done right by us, Android might have sold everyone out
 

dethmaShine

macrumors 68000
Apr 13, 2010
1,697
0
Into the lungs of Hell
I can't write blogs to save my life. I'm unsure of exactly where I first posted it, but I do have GoogleTalk logs in which I discussed it with one of my peers from the 25th.
I really don't have a problem seeing them if you wish to publish. You may wish to redact some of it; but again no problems here. But on another note, I did read that thread and found some useful stuff.

I have a question. When you say the daemon is in /usr/bin/, I believe it refers to /usr/bin in iOS X.x. I have never really jailbroken my iDevice to scrutinise it but how do you actually go to /usr/bin in iOS? Do you use a terminal in iOS or do you SSH using terminal on OS X?
 

miles01110

macrumors Core
Jul 24, 2006
19,261
31
The Ivory Tower (I'm not coming down)
Maybe you should try reading the article again OR may be following the story on other websites before posting asinine comments.
What does this have to do with anything? If you think Apple isn't tracking everything you do on your iPhone, CarrierIQ or their own method, you're naive.

Even HTTPS sites can be keylogged, which are supposed to be encrypted for safety...iOS has done right by us, Android might have sold everyone out
Keylogging has nothing to do with HTTPS.
 

arn

macrumors god
Staff member
Apr 9, 2001
14,985
2,728
What does this have to do with anything? If you think Apple isn't tracking everything you do on your iPhone, CarrierIQ or their own method, you're naive.
or maybe just not a conspiracy theorist?

arn
 

Intell

macrumors P6
Jan 24, 2010
18,897
407
Inside
I have a question. When you say the daemon is in /usr/bin/, I believe it refers to /usr/bin in iOS X.x. I have never really jailbroken my iDevice to scrutinise it but how do you actually go to /usr/bin in iOS? Do you use a terminal in iOS or do you SSH using terminal on OS X?
Either via an on device Terminal or via SSH.
 
Last edited:

arn

macrumors god
Staff member
Apr 9, 2001
14,985
2,728
You don't need to be a conspiracy theorist to accept that every major tech company - Amazon, Apple, Google, Microsoft, etc - collects information on their users from the devices they distribute. In fact, this is quite obvious in almost every respect.
Yes, it is very obvious. There's even a setting for it.

Settings -> General -> About -> Diagnostics & Usage -> Don't Send
 

fins831

macrumors 6502a
Oct 7, 2011
655
0
Keylogging doesn't have anything to do with HTTPS, I do know that, was merely stating that the whole idea behind HTTPS is security and encryption, and this undermines it...

On a PC a keylogger and paying a bill = identity can be stolen
On a samsung/HTC android, where is this information going or what is it being used for....

On iOS it seems to be diagnostic only (or so I am hoping).
 

tylerk36

macrumors member
Feb 22, 2009
76
0
"SIRI please long my keystroke" "I can't do that Dave" "SIRI please open the pod bay doors" "I can't do that Dave" "SIRI your a jack ass!" "SIRI" "SIRI"
 

Intell

macrumors P6
Jan 24, 2010
18,897
407
Inside
I really don't have a problem seeing them if you wish to publish. You may wish to redact some of it; but again no problems here. But on another note, I did read that thread and found some useful stuff.
My log, in screenshot format with the other person's info removed:

GTLo2.png
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.