Inside Carrier IQ-gate
What carriers and handset makers do with your personal info is none of your business
Computerworld - A scandal erupted this week around the discovery of secret software running on most smartphone handsets in the U.S. that tracks and logs personal activity on the phones.
The software is marketed to carriers and handset makers as a diagnostic tool that can be used to improve phone service. Critics say it's a hard-core violation of privacy. And the critics are right.
A security researcher named Trevor Eckhart posted a video Tuesday showing Carrier IQ software harvesting personal data without permission or even the option to turn it off.
According to the video, Carrier IQ gathers and logs every physical button pressed, phone number dialed, the full text of text messages, and even search data over https connections, which are supposed to be encrypted. The software can capture details about videos watched, apps used and the users' location.
It's unclear whether, when, or to whom this logged data is transmitted, or where it is stored and who has access to it.
Carrier IQ threatened to sue Eckhart, who turned for protection to the Electronic Frontier foundation.
Senator Al Franken wrote a letter to Carrier IQ president Larry Lenhart this week demanding that he specify exactly what's done with user data.
As Carrier IQ customers, carriers and handset makers are able to access data collected by the software. They can even specify "triggers" that when certain events occur, they can be specially logged, and the details of those logs sent to the carrier.
However, the larger risk is the existence of the harvested data. It's stored somewhere, and could be theoretically copied, accessed, hacked, stolen or leaked.
Carrier IQ has more or less admitted that the company could read the text messages of anyone using a phone that's running the software and read other data. But they claim the ability is largely theoretical.
Carrier IQ's VP of marketing, Andrew Coward, told AllThingsD this week that "We don't read SMS messages. We see them come in. We see the phone numbers attached to them. But we are not storing, analyzing or otherwise processing the contents of those messages."
Coward said, in a nutshell, that Carrier IQ is simply providing a service to the carriers, who are themselves only trying to improve service.
The cynical conspiracy to exploit your personal information
The guilty parties in all this are trying to frame the issue as a question over whether or not well-intentioned performance monitoring is an invasion of privacy.
- Lawmaker pushes consumer notification bill in wake of Carrier IQ concerns
- Goodbye 2011 ... What a year!
- Sprint disables Carrier IQ software on its handsets
- Iran tricked U.S. spy drone into landing in country, report says
- FBI never sought Carrier IQ data, director says
- Carrier IQ moves to allay fears of its tracking software
- FBI rejects FOIA request for Carrier IQ info
- Google's Schmidt calls Carrier IQ software a keylogger
- Carrier IQ downplays 2010 patent request
- 8 companies hit with lawsuit over Carrier IQ software
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts