Spyware rootkit in many phones -- iPhone included

By Richi Jennings (@richi ) - December 1, 2011.

Disturbing facts continue to emerge about the spyware/rootkit that comes as standard with many

Carrier IQ logo
smartphones today -- perhaps most of them. The pre-installed Carrier IQ software is hidden, and can't be disabled by most users. In IT Blogwatch, boggling bloggers say rabbits; white rabbits.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Founder of MetaFilter interviews founder of Slashdot...

    Jaikumar Vijayan reports:

[S]ecurity...researcher Trevor Eckhart...earlier this month published a document explaining how Carrier IQ's software...could be used to log detailed information about the phone user's activities. ... Eckhart likened Carrier IQ's software to a rootkit...[which] can collect virtually any kind of data...without the user's permission.


In many cases, the software is hidden from users...and is relatively hard for non-technical users...to remove, Eckhart maintained. ... Carrier IQ sent a cease-and-desist letter to Eckhart. ... [T]he Electronic Frontier Foundation (EFF), which promptly agreed to defend the researcher. ... "Given that there is no basis for your legal claims, we must conclude that your threats are motivated by a desire to suppress Mr. Eckhart's research,"...the EFF said in its letter. ... CEO Larry Lenhart...apolog[ized] to Eckhart and...withdr[ew] its threat.   

   Dan Goodin adds:

[M]illions of smartphones are secretly monitoring...[their] users. ... Eckhart showed how software from...Carrier IQ recorded in real time the keys he pressed. ... [He] demonstrated how each numeric tap and every received text message is logged.


Even though he denied the...request that he share his physical location, the Carrier IQ software recorded it...[and] recorded the precise input of his search query...even though he typed it into a page that uses...SSL.


In an interview last week, Carrier IQ...[asserted] it never captures key presses. ... More than 19 hours [later], Carrier IQ [has] yet to respond to a request for comment.   

Philip Elmer-DeWitt does the fanboi gloating dance:

The app comes pre-installed on more than 140 million handsets, including phones made by Samsung...and Research in Motion -- but not Apple.   

But wait! Grant “chpwn” Paul says iPhones have it too:

Apple has included a copy of Carrier IQ on the iPhone. ... But is this version of Carrier IQ the same...as on Android? ... [N]ot quite. ... It does access: ...

  • your phone number
  • your carrier
  • your country
  • active phone calls...(not what number was dialed or it was received from) ...
  • your location (Only, however, if Location Services are enabled)
  • (Possibly more I haven’t yet found.) ...
It appears that if you really care about this, Windows Phone 7 is the only mobile operating system without this installed.   

And John Gruber picks up the baton:

Worth noting that it appears that nothing gets submitted to Carrier IQ if you opt-out with the “Send Automatically” switch...deep inside [iOS] Settings.


[It] looks like Google is moving to distance itself...from Carrier IQ. If this turns into a scandal it’s going to get pinned...on the carriers.   

   And Finally...
Founder of MetaFilter interviews founder of Slashdot
Don't miss out on IT Blogwatch:

Richi Jennings, your humble blogwatcher

Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. He's the creator and main author of Computerworld's IT Blogwatch -- for which he has won American Society of Business Publication Editors and Jesse H. Neal awards on behalf of Computerworld. He also writes The Long View for IDG Enterprise. A cross-functional IT geek since 1985, you can follow him as @richi on Twitter, pretend to be richij's friend on Facebook, or just use good old email: itbw@richij.com. You can also read Richi's full profile and disclosure of his industry affiliations.

Copyright © 2011 IDG Communications, Inc.

Shop Tech Products at Amazon