When Two Quarrel, The Third Takes The Price

This is pretty easy to understand-  isn’t it? 😉

The only interesting part of this architecture is this one: “On some phones, in some configurations. These logs may be transmitted to various third parties in crash reports, etc.”

What shall this mean?

As I already described in my last post “find your way or die trying”, this post has to do with data protection and with a scandal of the software Carrier IQ, also called “rootkit” or “Keylogger” allegedly saving user data.

As I was following or rather tried to follow what was going on, I could notice that still there cannot be found a common sense or a conclusion.
New details and opinions are emerging every day and while I am still not able to inform you what exactly Carrier IQ did, I can just assure you that enough people are fundamentally opposed to data collection that takes place without the user’s consent so that the scandal will be treated and investigated profoundly.

Facts
•    Carrier IQ’s program is on around 150 millions of devices, mostly in the US and without the knowledge of the users.
•    The software is hidden deep within your device and not easy to find.
•    There is no opt-in for users to voluntarily participate in the tracking.
•    There is also no opt-out or easy way to remove the program.

What Carrier IQ was originally designed for
According to Carrier IQ itself,”Mobile Service Intelligence is the process of analyzing data from phones to give you a uniquely powerful insight into mobile service quality and user behavior.

 “Carrier IQ’s Mobile Service Intelligence Platform (MSIP) is the smart database at the heart of our solution. It receives raw data (known as Metrics) from phones and converts them into reliable, repeatable Measures which feed into analytic applications. The MSIP delivers true enterprise grade performance, with its proven ability to process data submitted by millions of phones with outstanding integrity and security.” 

  • To sum up, as they confirm, Carrier IQ is used to understand what problems customers are having with network or devices to enable them to take action to improve service quality.
  • But as the detector of the program, Trevor Eckhardt states, CarrierIQ has a way to invade privacy and illegally collecting data as it checks in to a server (or receives commands through other various access) with commands to allow someone undetected access.
  • Also the blog “wireless” states that further research suggested that the software likely tracked actions down to the keystroke

Carrier IQ admits
“Our investigation of Trevor Eckhart’s video indicates that location, key presses, SMS and other information appears in log files as a result of debug messages from pre-production handset manufacturer software,” reads the statement. “Specifically, it appears that the handset manufacturer software’s debug capabilities remained ‘switched on’ in devices sold to customers.”
Carrier IQ has also admitted to finding a bug in their own software that “in some unique circumstances, such as when a user receiver an SMS during a call,” might collect the said text in the IQ Agent installed on the phone.

However it denied decoding those messages or passing them on to third parties.

But still, the wave of information, reliable or not, is enormous and totally unfathomable.

Negative headlines are outbidding each other
•    there are already rumors coming out that the data collected by Carrier IQ is given to the FBI.
•    Travor Eckhardt’s ( the guy who detected Carrier IQ on his mobile phone) video  claimed the software logs every text message,  Google search and phone number typed on a wide variety of smartphones and reports them to the mobile phone carrier.
•    Some providers allegedly block the software Carrier IQ on mobile phones, e.g. Sprint . Shall this be understood as a confirmation of the assumption?
As the legal proceedings are still going on and no decision has been made until now,

politicians involve:
If you are interested in statements of US mobile providers, read which questions Senator Al Franken put and which answers he received.

Whether or not the program Carrier IQ is illegal- it creates a lot of apprehension.
Therefore, I might give you some advice how you can handle it:
•    Check your cell phone for Carrier IQ:  As Spiegel online states, you can get the free Voodoo Carrier IQ detector on google’s Android app market

-Again, google will also offer you alternatives:

•    If you find it, deactivate it. Google, how to do it.

As I cannot give you the explanation for all cell phone models, I offer you a description for Blackberry:
-Enter application management. Options -> Device -> Application Management. For devices   running a BlackBerry OS prior to 6.0, check out this Knowledge Base Article
-Press the menu key (the BlackBerry logo one) and select Modules from the list
-Look for the IQAgent module. In OS 6.0+, you can search for “IQ” or “agent”
-The net_rim_bb_drm_agent is fine and not a part of CarrierIQ — if that’s all you see, then  CarrierIQ is not present.
Highlight the IQAgent module, press the menu key, and choose delete
-You may be prompted to restart your BlackBerry
I hope nobody of you is concerned !

Advertisements
Leave a comment

2 Comments

  1. I think I am scared to turn my phone on 😉

    Joke. I think exactly the opposite is the case…you found a way to present your topic very objectively without giving it too much own opinion during the presentation of the topic. This way you gave us the possibility to form our own opinion on the topic…

    So I think you really did some great work on this post and it was a great continuance of your post about your first steps. It could have been a little shorter but I understand that such a complex topic was different to compress further.

    Reply
  1. fashion2011marketing

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: