Lookout releases free Carrier IQ detection app

Sniffs out controversial software on Android smartphones, but doesn't delete it

A mobile security software company last Friday released a tool that detects Carrier IQ, the software embedded in numerous smartphones that has raised questions from users, privacy advocates and even Congress.

Lookout, best known for its Android security software by the same name, launched the free Carrier IQ Detector last week. It can be downloaded from the Android Market.

The tool only detects the presence of Carrier IQ on Android handsets: It does not scrub the software from the smartphone.

Lookout said that Carrier IQ was "deeply integrated with handset firmware [and] users would be required to attain special device privileges in order to remove it," then warned that doing so incorrectly could "put users at further risk of malware infection" and possibly make them unable to receive future phone updates.

The release of Carrier IQ Detector followed comments from Lookout last week that it would not classify the software as malware, and questioned the label "rootkit" for the tracking and network diagnostic program.

Tim Wyatt, a principal engineer with Lookout, refused to call Carrier IQ "malware," arguing that it just didn't fit the definition.

"Absolutely not," said Wyatt when asked if Carrier IQ was malware. "This is something that was pre-loaded by carriers, not downloaded by users," said Wyatt in an interview last week, arguing that because users hadn't been duped into launching a Trojan horse, Carrier IQ technically wasn't malware.

"It wasn't malware hidden inside an app, so it doesn't fit the Trojan pattern," Wyatt said. "All indications are that it is intended to improve user experience. What's at question is what data is sent to the carrier."

He acknowledged that Lookout and its users were worried about the privacy implications.

"We do have concerns about the data, and under what circumstances it's going out," Wyatt said, noting that his opinion was a reflection of the feedback his company had received from users. "We definitely think that users should be told, and have a choice of opting out in circumstances like this telemetry."

Other security researchers have said much the same.

In a blog post Monday, Dan Rosenberg, a consultant at Virtual Security Research, said that his analysis of Carrier IQ had not found any malicious intent.

"I have repeatedly stated that based on my knowledge of the software, claims that keystrokes, SMS bodies, email bodies, and other data of this nature are being collected are erroneous," said Rosenberg, who like Lookout, called for more transparency from Carrier IQ, handset makers and mobile service providers.

Lookout also called the "rootkit" label many have attached to Carrier IQ "a bit of hyperbole," with Wyatt adding that in the company's view, the software was not conducting "a criminal activity."

Some disagree. Both Congress and consumer advocates have asked the Federal Trade Commission, the Department of Justice and the Federal Communications Commission to investigate Carrier IQ and its practices. The Mountain View, Calif.-based Carrier IQ has also been hit with multiple lawsuits seeking class-action status.

And Carrier IQ's own marketing materials seem to undercut its most recent claims that the software is designed only to diagnose problems in smartphones and the mobile service provider networks they run on.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@computerworld.com.

Copyright © 2011 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon