Carrier IQ software accused of tracking phone users

Carrier IQ has been in the Internet spotlight in the last few days. The Mountain View, California based company creates software that is used in millions of smartphones, including Android and Blackberry-based devices. Carrier IQ claims the software is used to monitor "the performance of mobile devices and networks to assist operators and device manufacturers in delivering high quality products and services to their customers."

But according to a security researcher who looked into the Carrier IQ software, it may be doing far more than that. The researcher, Trevor Eckhart, claimed that Carrier IQ's program was logging every keystroke made by a user on a smartphone that had the software installed. Indeed, he posted a video to YouTube that seems to show that Carrier IQ's application, IQRD, is logging every single button that is pressed into his HTC-based smartphone, even those buttons found on the phone's touch screen. Also, the program cannot be shut off by any known means without replacing the entire operating system.

At first, Carrier IQ objected to Eckhart's accusations and even sent him a cease-and-desist letter. However the company later pulled that letter and apologized to Eckhart. Carrier IQ still insists that its smartphone program does not log keystrokes or have any tracking tools. It also claims the program doesn't look at any email or text messages generated on smartphone nor does it provide any real time data from a user's smartphone to any of its customers.

Despite Carrier IQ's statements, the fact that the program cannot be shut off or deleted by a smartphone user without taking some drastic measures is troubling. So far, Carrier IQ has given no indication that a user can opt out of having that information gathered by the program.

Report a problem with article
Previous Story

Gaming news round-up: November 30

Next Story

Every Windows Phone now receiving Mango update

31 Comments

View more comments

Anaron said,
How difficult was it to remove the Carrier IQ software?

Once rooted it's a 1 minute task to uninstall the apps. I personally didn't have to do it (UK) but it's relatively simple.

flexkeyboard said,
If you have carrier android and ios, then you know you're being tracked. Root it to remove it, up to the challenge?

I'd be up for the challenge if I was affected.

I'm amazed at the lack of outcry about this. "Apple's location brouhaha wasn't even about GPS data it was only a cache of cell tower locations. The problem isn't that the news media aren't sensationalizing this Carrier IQ story. The problem is that they would if it involved Apple."

Edited by shifts, Dec 1 2011, 9:06am :

shifts said,
I'm amazed at the lack of outcry about this. "Apple's location brouhaha wasn't even about GPS data it was only a cache of cell tower locations. The problem isn't that the news media aren't sensationalizing this Carrier IQ story. The problem is that they would if it involved Apple."


Well said. There would have been a huge outcry if this was happening on an iPhone.

Anaron said,
I don't think it's getting enough attention on the web. You'd think a story like this would go viral. After all, it's about privacy and it affects millions of people. It should be on the front page of every tech/mobile news site.

Also, here's the source of your quote: http://daringfireball.net/link...30/imagine-if-it-were-apple

I was having problems at the time of posting. Thanks for posting the link to the mighty DaringFireball

Edited by Yusuf M., Dec 1 2011, 10:54am :

shifts said,
I was having problems at the time of posting. Thanks for posting the link to the mighty DaringFireball
No problem. I also fixed your comment. You replied by typing inside the quote box. At first, it looked like you just quoted me without adding anything.

I think, for whatever reason, this isn't being reported because it's being done by service providers as opposed to manufacturers. This is obvious due to my HTC Desire Z from Bell Canada not having anything like this on it, despite being filled with other crap. For whatever reason, it seems the media isn't intent on calling out a company like AT&T, perhaps due to the massive lawsuits this could cause?

Yeah, it looks like Windows Phone 7 is 100% free of Carrier IQ. It looks like carriers and OEMs are responsible for bundling the software onto smartphones before selling them. Perhaps they don't have a version that's compatible with Windows Phone 7. Either that, or Microsoft simply won't allow any tracking/logging software on WP7 devices.

Anaron said,
Microsoft simply won't allow any tracking/logging software on WP7 devices.

That is not their own. I opt in to the customer experience improvement program all the time.

Drewidian said,
And yet the military chose to go with the least secure platform... SMH...

You really think the military has carrieriq on their approved devices? Dear god...

I wonder what all the Android fans and other Apple haters have to say about this. If you watch the video, you will be surprised how the software logs every keystroke. And messages sent over https are displayed in plain text. This is blatant logging and no wonder the company involved denies this, even after the video shows what is happening.

Being a fan of Android doesn't mean you hate Apple. Also, the Carrier IQ software is on hundreds of millions of devices which include Android, BlackBerry, and Nokia devices. The software is also found in various versions of iOS; however, it isn't as "bad" as other platforms. And from what I've read, no information is sent to Carrier IQ by default in iOS 5.

You can read more information about Carrier IQ in iOS here: http://blog.chpwn.com/post/13572216737

"Worth noting that it appears that nothing gets submitted to Carrier IQ if you opt-out with the “Send Automatically” switch in Settings.

If there anything in Cell Phone contracts that even mentions this software and if not isn't that a violation of some privacy law somewhere.

Another comment I've read is that this is mistakenly being turned into Apple vs Android battle when it's not it's the mobile providers doing this. However my comment stands from earlier, Apple cache cell towers and that was the 2nd coming of the devil and the media jumps on it. Now it;s more than one company up to shenanigans media coverage has been distinctly ...meh

GawD DAMNIT Neowin. Where's the rest of the comment I wrote.... (2nd bleeding edit)

Edited by shifts, Dec 1 2011, 10:06am :

Samsung galaxy s2, sim free, O2 contract..no reference to iqrd in my phone.

Don't know whether to breath a sigh of relief or if it's just got a different name! I want that crap off my phone though.

I bet this software is the reason carriers always have to "approve" software updates on their Android phones: so they can add a rootkit to the ROM. Absolutely ridiculous.

So far, it seems to only affect US carriers. I guess that means we're safe up here in Canada. I wouldn't be surprised at all though if Rogers, Bell, and Telus included the software on their phones.

Commenting is disabled on this article.