Technology

Manufacturers Admit to Using Program That Some Say ‘Spies’ on You

Some manufacturers admit to using Carrier IQReports of phones that do and don’t have Carrier IQ software — the program we’ve reported on that logs actions such as dropped calls and phone numbers dialed — have been emerging since Trevor Eckhart first announced finding the program and demonstrated its logging capabilities.

Now, manufacturers are coming forward and fessing up to including the program on their phones, but are stating that it is for evaluating phone performance, not tracking personal messages or numbers dialed. This is the same sentiment Carrier IQ has issued about the program since Eckhart called it out.

Computerworld (via Gizmodo) reports that AT&T, Sprint, T-Mobile and HTC and Samsung have admitted to using the program:

Both wireless carriers AT&T and Sprint insisted that the software is being used solely to improve wireless network performance while phone makers HTC and Samsung said they were integrating the software into their handsets only because their carrier customers were asking for it.

T-Mobile said that it, too, uses Carrier IQ’s software, which it described as a diagnostic tool to troubleshoot device and network performance. “T-Mobile does not use this diagnostic tool to obtain the content of text, email or voice messages, or the specific destinations of a customers’ Internet activity, nor is the tool used for marketing purposes,” the company said in an email statement.

Computerworld goes on to report Mark Siegel, executive director of media relations at AT&T, neither confirming nor denying whether the program was installed in all handsets. Here‘s what Sprint’s spokesperson said about the company’s use of the program:

“We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc., using this tool,” she said via email [to Computerworld].

“The information collected is not sold and we don’t provide a direct feed of this data to anyone outside of Sprint.” She added that Sprint’s privacy policy makes it clear that the company collects device information, including how it is being used.

Verizon is among the Carrier IQ deniers, adding that it also doesn’t use any similar program that would perform the same function as Carrier IQ, according to PC World. PC World goes on to state that RIM and Nokia have also claimed they don’t use Carrier IQ, even though Eckhart said the program was found running on devices from both these manufacturers and Verizon. SlashGear reports Google, which makes Nexus phones, has joined the group of naysayers.

Manufacturers Own Up to Carrier IQ Use While Maintaining Its For Performance EvaluationWhile it is becoming more clear which phones may or may not use the program, many are still wondering if we should be worried? Sen. Al Franken (D-Minn.) sent a letter yesterday to Carrier IQ expressing his concerns and demanding answers. In the letter he said, “I understand the need to provide usage and diagnostic information to carriers.  I also understand that carriers can modify Carrier IQ’s software.  But it appears that Carrier IQ’s software captures a broad swath of extremely sensitive information from users that would appear to have nothing to do with diagnostics—including who they are calling, the contents of the texts they are receiving, the contents of their searches, and the websites they visit. ” He then goes on to list several questions and asks for a response by Dec. 14.

In the mean time, some security professionals, according to the LA Times’ blog, have come out to say they disagree with Eckhart’s findings:

“It’s not true,” said Dan Rosenberg, a senior consultant at Virtual Security Research, who said the video shows only diagnostic information and at no point provides evidence the data is stored or sent back to Carrier IQ.

“I’ve reverse engineered the software myself at a fairly good level of detail,” Rosenberg said. “They’re not recording keystroke information, they’re using keystroke events as part of the application.”

The difference is subtle but important. To perform commands, applications need to know which buttons a user has pushed: Your email app needs to know when you tap the reply button, and your phone app needs to know which numbers you press in order to dial. Applications therefore pay attention to which buttons a user is pressing.

But listening for a button press does not mean an application is therefore sending a record of those button presses back to the company, researchers said.

[...]

“It’s just spitting debug messages to the internal Android log service,” sad Jon Oberheide, a co-founder of Duo Security. “It appears that Carrier IQ is indeed collecting some metrics, but I have not seen any evidence that keystrokes, SMS messages or Web browsing session content are being transferred off the device.”

The Times reports the researchers as saying that the program appears to be working correctly and only recording performance metrics. The Times also points out that many manufacturers that have admitted to using the program have long been open with the fact that they collect information about user location and other data.

Comments (32)

  • FLDeb
    Posted on December 3, 2011 at 6:23am

    The one thing that kept coming to mind while reading this was the “smart badges”. The syntax for both are the same. The technology is here to help……….. Let’s take them at their word that the “X device” does not have the capability, storage space, or the intended purpose to be used against the public. Then why is the next logical question not being asked: “How many steps and how hard would it be to turn this device into something really malevolent”?

    We have become a very week society. Sugar coat something enough and we will accept it. Almost every policy that has come about in my life time has had me screaming “I CAN TAKE CARE OF MYSELF THANK YOU EVER SO MUCH”. We have lost the ability to think logically, we now think ideologically which will be our downfall.

    Report Post » FLDeb  
  • CulperGang
    Posted on December 2, 2011 at 8:58pm

    Corporate voyerism, government voyerism = manipulation and CONTROL of you. That is not freedom.

    Report Post » CulperGang  
  • 4-The-Truth
    Posted on December 2, 2011 at 8:12pm

    Next they won’t need photo radar to generate revenue, they will just hack our Trapster that shows the speed limit and how fast you are going and just issue you an email ticket that you can pay with PayPal. Oops I shouldn’t give them any new ideas.

    Report Post » 4-The-Truth  
  • tomloy
    Posted on December 2, 2011 at 4:36pm

    I am certainly glad I don’t have a cellphone. They’re used to track you, now they keep track of what you do using it, why would anyone WANT one of these?

    Report Post »  
    • CRAPGIVER
      Posted on December 2, 2011 at 11:31pm

      @ tomloy don’t feel too secure, if you drive a car, use a computer, pass a light at intersections, they already know where you are the paranoic zionist are affraid even of their own shadow, so i am sure they probably already track their own shadow, godless people are like that, they just can’t help themselves, with so much destruction they are causing, they know people will respond violently, once the last screw is thighten up

      Report Post »  
    • MrObvious
      Posted on December 5, 2011 at 8:25am

      @CGiver – “zionist” really? “paranoic” fool would have made sense.
      How would you like it if I called you a bigot? The post makes you look like one.

      Report Post »  
  • Bonnieblue2A
    Posted on December 2, 2011 at 2:09pm

    @V-Man Mace
    Sadly I believe you are correct.
    The US Constitution : ratified on June 21, 1788 , destroyed by Congress and Obama on December 1, 2011.

    Time to turn to the Declaration of Independence for the solution to tyranny is given to us there.

    Report Post »  
    • GENE BLISTER
      Posted on December 2, 2011 at 4:57pm

      “You can’t be forever blessed…
      We’ve lived so well so long…
      Still, when I think of the road we’re traveling on,
      I wonder what went wrong, I can’t help it
      I wonder what went wrong.”
      -American Tune Paul Simon, J.S. Bach

      Report Post » GENE BLISTER  
    • lukerw
      Posted on December 2, 2011 at 5:01pm

      The Progressives… thought that they were smarter than The Instruction Books: Bible & Constitution!

      Report Post » lukerw  
  • sadmanwhossane
    Posted on December 2, 2011 at 12:16pm

    run like hell!

    Report Post »  
  • PROTECTNEXTGEN
    Posted on December 2, 2011 at 11:45am

    I’ve been in software development and data warehousing for 14 years and am not bothered by them logging events and diagnostic data. You cannot develop and refine software without logging diagnostics. Oberheid and Rosenberg confirmed my suspicions that the code, as of this point, does not off-load the data in a loadable format. It writes an event log on the phone – which I suspect is kept to a minimum due to the data storage capacity and processing power of the phone. That being said, the software could be updated to either dump the logs in a more easily readable format – which would require someone getting your phone and reading the files from it – or be set up to send the data over a wireless network. On a WiFi phone it would likely be less noticeable if they decided to do it because the byte volume would not be as obvious. I would be concerned but not paranoid. No need for an emotional jag.

    Report Post »  
  • LOJ
    Posted on December 2, 2011 at 11:34am

    More Invasions of privacy and constitutional rights. Why is no one talking about the National Defense Authorization Act. By the end of the week the government very likely will have the power to lock up US citizens for life at Guantanamo Bay or other military prisons…without charge and without trial. This means that in the near future a controversial Twitter post, attending a peaceful protest, or publishing an anti-Congress critique or anti TSA rant on Google could land you in (indefinite detention) for life, in the working of the bill, no access to a lawyer, no access to trial. The Daily Bell Newswire.

    Report Post »  
  • Eliasim
    Posted on December 2, 2011 at 11:20am

    Well go figure. They know people are attempting to correct the mistake of teaching Santa, and they are afraid it will hurt their sales and return the truth about Jesus to the hearts of people, through smacking down the lower deception of Santa that blinds people to the harder truth of an invisible “Man.”

    Report Post »  
  • mike_trivisonno
    Posted on December 2, 2011 at 11:05am

    It’s the same reason why you see ad on The Blaze related to things you have currently searched for online.

    For example I was recently shopping around for a somewhat obscure, industry-specific piece of equipment known as a particle counter. Then when reading The Blaze, their ads magically began displaying offers for particle counters to me!

    All your gizmos send marketing data to slick companies who try to sell you cool stuff.

    Report Post » mike_trivisonno  
  • momrules
    Posted on December 2, 2011 at 10:27am

    The information is not sold………..Hah, if there is a buyer it is sold.

    Report Post »  
    • DONTBESTUPID
      Posted on December 2, 2011 at 10:38am

      Mom, that’s a little conspiratorial and short sighted. The carriers make way too much money to risk selling this data for a relatively small revenue that they could fetch for this type of data. It would be a PR nightmare if this ever got out and it would be a tough secret to keep forever. I should know, I’m one of those guys that buys and sells millions and millions of records on consumers every single month for marketing purposes. Just because their could potentially be a buyer doesn’t mean the owner of the data is willing to sell it.

      Report Post » DONTBESTUPID  
    • sawbuck
      Posted on December 2, 2011 at 11:48am

      @dontbestupid
      You need to get out of the office once in a while and try a hobby like “rabbit hunting“… History is repeating itself and just like a rabbit that circles around , all you have to do is wait and let the rabbit come to you . Some of the “ human race” are the rabbits and some are the hunters. Some of the people (rabbits) are walking while others are running into the kill zone .
      Either way they are both doomed. The only way to stop this madness,
      is to stop running in circles …(Learn from history).

      Report Post » sawbuck  
    • momrules
      Posted on December 2, 2011 at 12:04pm

      @dontbestupid………..I long ago stopped believing in conspiracy theories. There are no theories any more, just conspiracies.

      Report Post »  
  • longun45
    Posted on December 2, 2011 at 10:26am

    Somehow I think the government is involded on this front – unwarranted wiretaps – project eschilon ^3 or 4. The US government has been using companies for years to spy on it’s citizens, why would it stop now.

    Report Post »  
  • twistin
    Posted on December 2, 2011 at 10:14am

    Oh, I guess we should just go ahead and trust them then…not.

    Who knows? Maybe the Chinese makers have a way to “follow” us, know what we say, and text. Who knows? Maybe those with “access” can have a look at whoever they want. You know, just to see where they go, what they are doing, who they talk to, inconsequential items like that……..

    It’s caveman phones for me guys.

    Report Post »  
    • V-MAN MACE
      Posted on December 2, 2011 at 10:24am

      Of course they admit it, it’s been mainstream news for decades that the manufacturers and programmers build backdoors into these devices to allow for government surveillance and datamining.

      Resist the Nazi Police State.

      Report Post » V-MAN MACE  
    • Dishevel
      Posted on December 2, 2011 at 10:45am

      You do not need a caveman phone.
      Go ahead and get yourself a nice Evo 4G or some other nice android phone.
      Then root it and put an Android OS that you want on it and worry not.
      We have power.
      We just need to use it.

      Report Post »  
  • Brussellz
    Posted on December 2, 2011 at 10:12am

    The question I have yet to see be raised by anyone is the fact that this is also using the customer’s network to send back the packets of data to the carrier. Another words, it’s using our DATA usage on our plan to send this information collected back to them, whoever is spying on us.

    So what it boils down to is, not only are they spying on us or whatever, but we are also paying for them to do it. Win Win for the Carriers !!

    Report Post » Brussellz  
  • zman173rd
    Posted on December 2, 2011 at 10:05am

    The Police Are Not Your Friends. I am told that any government entity that has your cell phone number can track you and your whereabouts WITHOUT a Search Warant. This is only a small piece of proof that they can do this without your knowledge. Power corrupts. Law enforcement officials can get this info anytime from any of these agencies/companies with a Warrant but will do so after they get initial data from your cell phone (illegally?). “I‘m from the Government and I’m here to help you.” I carry a cellphone that my company provides, that’s it. I‘m no conspiracy freak but you do begin to wonder what’s up out there.

    Report Post » zman173rd  
    • oldguy49
      Posted on December 2, 2011 at 10:13am

      and the fact that congress just voted on helping immigrants bring in there extended families easier……..and that the government now has a bill that will allow the president to use the military as a police for in the u.s. for the first time in 135 years is of no concern here?……………little by little

      Report Post »  
    • loriann12
      Posted on December 2, 2011 at 10:21am

      I keep remembering when I got a flyer on my door stating that there was a company who was offering FREE cell phones to anyone on a government program (welfare, SSI, etc.).

      Report Post »  
    • V-MAN MACE
      Posted on December 2, 2011 at 10:27am

      Well, with the National Defense Authorization Act, we don’t have any rights anyway.

      We can be arrested and detained for life without due process or outright killed by our criminal government.

      Welcome to the USSA. Nazi America.

      It was nice being somewhat free for a few generations, wasn’t it?

      IT’S ALL OVER.

      Report Post » V-MAN MACE  
  • GreenSicko
    Posted on December 2, 2011 at 10:05am

    Here is a link to software that can remove the rootkit they use. There is a android app for a buck too.
    https://market.android.com/details?id=com.treve.loggingkey
    http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110
    http://lifehacker.com/5863895/carrier-iq-how-the-widespread-rootkit-can-track-everything-on-your-phone-and-how-to-remove-it

    Report Post » GreenSicko  
  • Darmok and Jalad at Tanagra
    Posted on December 2, 2011 at 10:01am

    I just sent them a text, it contains a F, a C, a K, and a U. Record those key strokes.

    Report Post » Darmok and Jalad at Tanagra  
  • Snowleopard {gallery of cat folks}
    Posted on December 2, 2011 at 10:00am

    I imagine this is from the basic route used by Obama and Napoletano anymore — comply and be safe or you will face our version of justice and be liquidated.

    Report Post » Snowleopard {gallery of cat folks}  

Sign In To Post Comments! Sign In

Sign Up For Our Newsletter!

Glenn Beck Radio

Listen to Glenn Beck 24/7 Listen Now
Restoring Love