Computerworld - The recent disclosure that top mobile phone providers are using software from Carrier IQ that critics say can gather and track all sorts of personal data from a user's smartphone has sparked a firestorm of controversy.
AT&T and Sprint Thursday admitted to installing the software in their phones, but insist that it's only used to collect service related data.
Other carriers deny using the software.
Here's what the controversy is all about.
What does Carrier IQ do?
Mountain View, Calif.-based Carrier IQ sells software designed to help wireless service providers and device makers identify and diagnose service and quality related problems such as dropped calls and battery drain. The software can be used to collect data for analyzing service quality, device quality and what Carrier IQ calls mobile customer experience.
Carrier IQ says its software is installed on over 150 million devices worldwide.
What sparked the controversy over Carrier IQ?
Earlier this month, Trevor Eckhart, a 25-year-old security researcher from Connecticut published details of research he had done showing how Carrier IQ software can be easily tweaked to conduct surreptitious and highly intrusive tracking of Android, BlackBerry and other smartphone users.
Eckhart described the software as a keystroke logging rootkit that is hard-to-detect, hard-to-remove and programmed to run by default on millions of handsets without the users' knowledge.
In addition to collecting device and service related data, Carrier IQ's software can collect data about a user's location, application use, Web browsing habits, videos watched, texts read and even the keys they press, according to Eckhart. The software runs when the phone is switched on and can log all activities till it is switched off. Carriers can set 'triggers' or actions that cause specific data to be logged and sent to them.
Is it known which carriers and handset makers use the tool?
So far, AT&T and Sprint have confirmed that their handsets run Carrier IQ's software. Both carriers insist that the software meets their stated privacy policies and only to collects service and quality-related data. Neither company has identified the handsets running the software. Neither disclosed whether users are notified of its presence or if they can turn it off.
Device makers HTC and Samsung confirmed that their phones include the software, but said they only added it after requests from the carriers.
What about other carriers and handset makers?
Verizon, Research in Motion and Nokia each say they don't use the software in their phones. All three say reports suggesting otherwise are incorrect. There have been several reports that Carrier IQ software has been found on Apple iPhones as well. iPhone hacker chpwn blogged about discovering Carrier IQ on several models "up through and including iOS 5"-based devices. However, the software appears to be easier to disable on the iPhone than on other devices, according to chpwn. Apple has neither confirmed nor denied the reports. The company did not immediately respond to a request for comment.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
