Basically? That some of your usage patterns can be sent back to Apple if you allow Diagnostic & Usage to be on.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Carrier IQ Logging Software Found on Many Mobile Phones
- Thread starter MacRumors
- Start date
- Sort by reaction score
Basically? That some of your usage patterns can be sent back to Apple if you allow Diagnostic & Usage to be on.
So, you're saying that an open source project must leave their license and can't be modified?
What? What they do with Nexus line?
In the United States, Downloading of copywrited materials, drunk driving, murder are not legal. So? Laws do not prevent crime, they only enable actions to be taken post crime which hopefully prevent future crime.
For me this is just wrong. I don't care if it was found via open source/closed source via SSH etc. It was found. I don't care if it is Apple/Samsung/Microsoft/Google etc. It is wrong. I am really surprised this hasn't been bigger news. Heck when the Apple thing broke you could read it everywhere....... I hope this goes away and goes away quick!
Why are you making up something I didn't say?
If you use proprietary Google apps or Google trademarks such as "Android" or "Nexus", Google has the ability to impose licensing terms to use those apps. Part of those terms could limit the software installed on a device that uses Google apps or trademarks.
Google already does this. Every phone marketed as Android must meet certain requirements. The Nexus line is an obvious example of exactly what I'm talking about.
They don't allow any extra software to be installed. That's why the Nexus line doesn't have the CarrierIQ software.
Is their phone, they can prevent anything on it.
HTC phone are not from Google, they can't prevent anything.
What BaldiMac is saying is that Google should not licence the Google apps to any OEM/Carrier which allows CIQ.
Given the way they stopped Motorola using Skyhook for location services it's possible Google could do so.
The Galaxy Nexus is a Samsung phone.
I already explained how they do. Why do you keep repeating this?
I know what he is tryng to say but I highly doubt it can be enforced without suing Google for anticompetitive behavior.
Why this app is not allowed and this yes?
Android compatibility tests are technical tests, they doesn't have anything about software installed
And Skyhook sued Google for that.
----------
The Galaxy Nexus is not an OEM phone, is a Google phone made by Samsung. Great difference
To me this situation is starting to make sense. Carrier IQ was already used in the industry before the iPhone.
Carriers probably have it tied in to their reporting and maintenance systems, like any ISP has (cable and ADSL modems report diagnostics back too). They have to have some sort of diagnostics to figure out network problems, low signal areas, etc.
Because it was compatible with what they had carriers asked Apple to include it, so Apple went ahead and added it to iOS as part of their usage and diagnostics package. Apple integrated and maintained it.
Carriers then asked Google to include it on Android, Google refused - maybe because they have their own thing, maybe because it's not open source or there's patents involved, who knows - and told them if they wanted it they would have to add it themselves.
Carriers then proceeded to add it to their Android versions, but without Google holding their hand they completely botched up the job: they hid the process, made it non-optional and got hooks to as many events as possible. Not unlike the usual crapware they add to phones.
In the end I don't think Android version actually sends back more data to Carrier IQ, it just appears to do much worse simply because it was developed by morons who have no clue how to develop phone software (aka the carriers).
But Carrier IQ did make matters worse by completely mishandling the initial discovery.
Right now they must be playing a game of musical chairs to see who ends up getting blamed for that clusterf***.
Carriers probably have it tied in to their reporting and maintenance systems, like any ISP has (cable and ADSL modems report diagnostics back too). They have to have some sort of diagnostics to figure out network problems, low signal areas, etc.
Because it was compatible with what they had carriers asked Apple to include it, so Apple went ahead and added it to iOS as part of their usage and diagnostics package. Apple integrated and maintained it.
Carriers then asked Google to include it on Android, Google refused - maybe because they have their own thing, maybe because it's not open source or there's patents involved, who knows - and told them if they wanted it they would have to add it themselves.
Carriers then proceeded to add it to their Android versions, but without Google holding their hand they completely botched up the job: they hid the process, made it non-optional and got hooks to as many events as possible. Not unlike the usual crapware they add to phones.
In the end I don't think Android version actually sends back more data to Carrier IQ, it just appears to do much worse simply because it was developed by morons who have no clue how to develop phone software (aka the carriers).
But Carrier IQ did make matters worse by completely mishandling the initial discovery.
Right now they must be playing a game of musical chairs to see who ends up getting blamed for that clusterf***.
Last edited:
The fact that Skyhook hit back at Google could be the reason why they are not getting involved.
It could also be that Google do not vet every single variant of a handset on different carrier (I.E: they authorise the HTC Sensation for G-Apps which does not include CIQ, then carriers add it after HTC have permission to use the GApps.)
I can't imagine that Google reviews and authorizes each carrier branded handset.
I think that it would only be considered anticompetitive if Google required OEM's to use their (Google's) own version of the service. Disallowing potentially harmful applications in order to get access to Google apps/services would likely be a fine and legal requirement.
Having spent some time reading Kalsta's comments carefully, I think his argument makes sense and is quite coherent. This sort of comment is really unnecessary, slightly insulting and does nothing to further the discussion of the original topic.
This is not an open-source vs iOS issue. The fact that the software is buried so deep in the OS and is difficult to remove without specialist tools and knowledge makes it a serious issue for the vast majority of users - simply because the vast majority of users just don't know and/or don't care about hacking their phone software. i just hope this story gets into the mainstream media, especially in the UK where these issues are rather topical at the moment.
This bad boy is phoning home a lot more then it needs to. I won't be surprised to learn that this company, Carrier IQ is a front for a much larger company that lives and breaths gathering potential customer data....now, whooo could that be???
Yeah, I know what you mean. I mean what else would the point of of this organization be? Between the OS writers, carriers and manufacturers they couldn't come up with a good enough way to harness customer data? Gimme a break. Looking over the executive & board list, it's obviously run by a bunch of silicon valley & telecommunications whiz-kids including ex Apple, Moto, AT&T, Oracle etc, but what is the ultimate advantage to Apple or Google to have this code embedded in the OS? Seems rather fishy.
That's an interesting point. So in theory as a patient I could sue a hospital because they unknowingly leaked my health data to CarrierIQ. And the hospital could sue Verizon for putting CarrierIQ's program on their cell phones.
This should even work without CarrierIQ misusing the data because I never gave my permission to the hospital to pass my data on to a third party but as soon as a doctor texts to a colleague my data are at CarrierIQ and the hospital is in non compliance.
It gets even worse if you look at the health care industry where patient data could get discussed via cell phone texts.
Which is the problem. This is what you get when you lose control of your product by pimping it out to every OEM and their dog.
HTC, Motorola, ZTE . . . they're all a part of the experience once the device gets into the user's hands. There's no getting around that.
The User Experience process doesn't end when the OS or code is released. It's an entire process, from cradle to grave. Google simply has a fundamental disrespect for what they produce. A great OS that is universally licensed . . . is a contradiction in terms. There is no such thing.
Any evidence or actual specific laws or precedents?
Did they win?
No, it is a Google-Samsung partnership phone manufactured, sold and supported by Samsung. I have a feeling that we will see it reported in Samsungs market share numbers.
Google? Is that a trick question? For example, Google could impose a minimum privacy policy for all licensees of the Android trademark.
At the very least- Carrier IQ could be held liable for breaching HIPAA compliance if they are "intercepting" data - especially without informing the user. Carriers and Manufacturers could certainly be named in any lawsuit that transpired if they knowingly and willingly aided the disregard for compliance.
It's entirely possible that this is not a HIPAA/PCI/ETC issue at all. I'm not saying for certain it is. I'm also not sure if that angle has even been explored (yet) in regard to Carrier IQ.
I don't know, Carrier IQ sounds like the perfect FBI/NSA front to spy and get every bit of information they want from a phone.
Remember, the govt can remotely activate the microphone and even camera's on phones without anyone knowing they are on. its' why many times the battery can go down much faster... because phone or wifi transmitter is actually in use.
privacy? nope all of this flies in the face of constitutional protections.
Remember, the govt can remotely activate the microphone and even camera's on phones without anyone knowing they are on. its' why many times the battery can go down much faster... because phone or wifi transmitter is actually in use.
privacy? nope all of this flies in the face of constitutional protections.
It is, it's just not at all what was being discussed, which was my point. Kalsta's comments have nothing to do with the "Freedom" provided by open source. While great examples of "freedom" the iOS platform presents (in the form of its flexibility and breadth of frameworks available to 3rd party developers), it has nothing to do with the "freedom" provided by open source software (freedom from the vendor of the software).
That's something people have a real problem grasping and when discussing open source, you really need to understand the concepts to even begin discussing what is and isn't "more free". Otherwise, you slip and fall quite off topic like our friend did.
Anyway, none of this has anything to do with Open source at all. Android being open source does not enable this Carrier IQ thing. This is not a "weakness" of open source as the Carrier IQ stuff is also installed and used on closed source platform. This is simply a case showing that you can't really trust outside vendors/service providers with your privacy rights, as they will always try to gain more information on you to "optimize" their service offerings.
License can be modified. But I don't think google will, since it will want to maintain its "open" nature of the OS. Putting too much requirements on the licensing will tarnish the openess of it. But Google CAN assert some authority on this issue, it's a matter of willingness.
Google has always been taunting Android's open-source nature. I think open-source is good, but it may not be for the majority of the consumers. The openess of Android means that third party developers including telcos and manufacturers have too much freedom to customize the OS at root level. Therefore although you gain more freedom from the perspective of developers, does this also translate to true freedom to the end users? Does customization flexibility defines true freedom in Android? I doubt so. Freedom always come with a price, and the price for that in Android is often uncurated sub par apps despite the assortment of apps available, and malware-infested ecosystem. The idea of open-source is an holistic idea, truly combining the idea of sharing a piece of information that can be improved upon by the public. Yet commerically such idea is often abused for profits and personal gains.
In the context of Android's open-source nature, such holistic endeavor has been marred when developers abused such concept and developed ill-intended apps and malwares. Moreover such openess as well as the agreement between google/telcos/manufacturers allows bloatwares as well as hidden apps to run on the phones. Sure, some may say it is also the open nature of Android that allows users to spot CarrierIQ, and i will thus rebuke by asking why offer such power in the first place? Isn't prevention always better than cure? Custom ROMs are developed because of Android's open-source nature. But to choose and decide upon a stable release that's usable on a daily basis for the mass is one of the hurdles, since custom ROMs are often a work-in-progress. So despite having a multitude of option and freedom of choices, yet we are also confronted by the uncertainty in experience quality because of this same multitude. I would think majority of phone users actually expect reliability on their phones for use. Sure some would find time to customize their phones, but certainly not to the extend of modifying to the root level? Even if some do, what is the percentage of these users?
There is absolutely nothing wrong with an open-source, or a curated OS. Like many things in life, there are more roads that lead to Rome. However for the choice you make, some sacrifice have to come as well.
Weighing your options in deciding on which platforms you choose will ultimately determine the problems you have with the platform. But regardless, a trade-off will be upon you.
I'm my case, a curated platform serves my need because personally I didn't pay a company a truckload of cash just so I have to worry about security issues of my personal information myself, and the nature of apps I buy. I would rather let the company curates for me, IF I trust the company enough. And I do trust because I truly believe Steve Jobs when he said in D8 conference that is truly serious about users privacy, because this thinking is often reflected throughout the products.
Steve Jobs may be many things, but at least his vision about product perfection is aligned with mine, and he ain't gonna allow a phone privacy issue tarnish the company he has fervently built.
Over his dead body.
But who would police it, and what would the penalty be?
HTC for example fills their Android phones with buggy apps [1] full of security exploits.
It takes time to figure out these things, phones are on the market and then Google finds out.
What happens then? Google demands HTC pull the phone from the market? Google terminates HTC's licence?
Imagine the scandal that would be. All the other manufacturers would run away!
[1] http://www.theregister.co.uk/2011/11/30/google_android_security_bug/