Trevor Eckhart, the soul who has taken it upon himself to expose CarrierIQ and the carriers who use them, has recently published a video showing what exactly is going on inside your ROM when Carrier IQ is enabled.
He shows a number of different things, including how keystrokes on external buttons are recorded, how keystrokes on the dialer are recorded, how outgoing (and maybe even incoming) text messages are captured and even how CIQ can see what you’re doing in your browser on a secured session. It’s all pretty alarming, actually.
This type of service, in my opinion, stretches far beyond the boundaries of privacy, especially considering the common user has no clue that any of this is going down. And even if they did know, it’s still alarming just how much information it collects.
Check out the video above and let’s hope this is the beginning we need to get carriers and OEMs that are using Carrier IQ to stop putting it inside of their devices. The video’s above (it’s a lengthy 17 minutes, but well worth it if you have been curious about this subject).
If you want to know if your phone has this software, Trevor has created a nice application called Logging Checker that checks to see if you’re subject to such intrusive practices. If you are, most ROM developers have caught on and have given the community ROMs without this filth built in. Be sure to check your favorite development forum for your phone.
Props to Eckhart for finding this out, and not giving up on exposing Carrier IQ for what it is; even after the cease and desist.
This is the NUMBER ONE reason I will always buy a phone that has an UNLOCKED BOOTLOADER and can be Rooted.
Is could constitute ground for class action actually. Let’s see how HTC answers this.
Somebody needs to get slapped with the Constitution before all our informations are belong to them.
Thx for the post Quent.
Not sure they had cell phones when they wrote the constitution. *eyeroll*
Trevor needs give this video to CNN or some other news station. Once they broadcast this It’s all over for Carrier IQ.
Agreed… as well as a significant blow to HTC and all other manufacturers installing this spyware on all their customer’s devices.
This is getting out of control, not only do we have to pay for our phone, calls, text, data, but they could be also be making money out of us by selling this info. I’m not saying that they are but if? OUT OF CONTROL
This definitely justifies being rooted. I’m curious if it existed on my Droid Inc before root???
This is a fucking outrage! Any carrier and handset maker that voluntarily allowed this shitware to be included without our knowledge needs to be held responsible!
Exactly…prosecute those carriers/handset makers for aiding in the violation of users privacy!!!
I don’t care if they make/sell android hardware…this is outrageous and needs to be stopped in the bud!
I just sent an email to my Senator, Ron Wyden who stopped COICA from going through a few days ago:
Dear Senator Wyden,
Let me start by saying thank you for your position on COICA.
We need more like you watching out for unnecessary regulation on the internet
and protecting our free speech.
This is my first time writing a senator or any other state
or government official, but I really wanted to bring something to your
There is a company called CarrierIQ that has software
installed on millions of cell phones across the United States. This software is
pre-installed and cannot be removed.
CarrierIQ has received recent coverage in several
“geek” news sites around the internet for the appalling amount of
private information that is collected and sent to the company for marketing and
whatever other purposes. CarrierIQ has started to send cease and desist orders
to those in the online community for investigating what information the
software is collecting on their own personal cell phones and for publishing
their findings on websites, blogs, and in informational videos.
Outlined below is some of the information collected and sent
Numbers typed in, not even dialed.
Dialed “sent” numbers.
SMS Text Messages send and received.
SMS messages NOT sent as well (drafts, typed but deleted,
Secured and unsecured web searches
Secured usernames and passwords
Cell tower location
Wifi Access Location
And many more…
SSL (secure Socket Layer) websites are supposed to be
encrypted, but this software bypasses that encryption to collect personal and
sensitive information. People who use their phone to access online banking
through a SECURE website are sending CarrierIQ their usernames and passwords to their bank accounts without their knowledge!
Further, this information is sent at the COST OF THE USER to
CarrierIQ. With increasing costs of mobile bandwidth and internet access, why
are we paying for this data to be sent? I am unsure if this information is
collected with our permission or not, since there are several “End User
License Agreements” that we must agree to in order to even use our cell
phones, which are rarely read.
This application is running whether you want it to or not.
You cannot remove it without voiding your phones warranty. As far as I am
aware, this application comes pre-installed on most Android smart phones.
Android is the fastest growing phone operating system. It is sold by Motorola,
HTC, Samsung, and LG smart phones to name a few of the manufacturers. Android is on more than 42% of smart phones, more than Apples iPhones (28%) and it is continuing to grow worldwide.
It’s one thing when the general public knowingly shares
information on Facebook or Twitter or in online blogs, but this company
“hides” their data collection and knowingly collects information the
general public believes is safe and secure. They have gone too far and they are
trying to silence those who have discovered what they are doing.
I don’t know what you can do, if anything. It’s not just the
Googles and Facebooks of the world that are skirting the edges of privacy
rights, but the small companies that nobody has ever heard of that try to stay
out of the media that really rape and pillage our privacy, and on our own dime,
to make their millions.
Thank you for your time.
EXCELLENT! If you don’t mind I’ll like to reference your letter in face book post.
Go for it. The more attention this gets the better. I also shared it on google circles and made it public.
Please do share it wider. This kind of secret wiretapping should not be tolerated. This is also one of the reason I prefer the Nexus phones (stock Android) or an easy way to root and get rid of all the carrier crap.
I actually just sent this letter just changed a bit to my two senators as well as my representative in Congress…hopefully something gets done about this
Another reason to buy bloat-free nexus phones?
Or are even those not-safe from spyware?
Verizon is pre-installing certain unremovable things on their Galaxy Nexus. I wouldn’t be surprised to find this on there.
Glad I”ll be owning the GSM nexus galaxy then…
Its installing two pieces of software – both of which are removable.
You may disable them, not remove them. In fact, even if you root your Verizon phone, removing Backup Assistant usually results in a phone that won’t boot.
You don’t have to be Tom Clancy to make up a plausible scenario for the News Corp phone hacking scandal…
If I was at News Corp I’d have some set me up with a lunch with a guy at IQ’s VC or Private Equity firm that we had several $100million invested in and have him speak to an IQ guy, who would hand an Intern a note to pull a file and interoffice it another intern on a different floor who left the company last week, pick it up in the mailroom and pass it on…..bingo!
Now let’s empty this poor girls voice mail box….
No….what an I thinking…something like that could never happen.
I like how he repeatedly thanked HTC for presenting users with a choice with regard to privacy related features, yet failed to hold them accountable for installing Carrier IQ’s software on their devices in the first place.
Sure, Carrier IQ is evil, but device manufacturers and carriers who include their software are just as evil.
It’s nothing different than what your carrier or Google already does. The carrier already has information about who you call and what sms messages you send and receive. Google has your search history in a database. Many other companies silently record information about your usage too.
Analytical tools are enticing to developers because it is the best way to gather information about how users use their applications and services. If it is not Carrier IQ, carriers and developers will use something similar to get the data it wants.
Great video, 5 stars! Would watch again!
In all seriousness, This video does a great job of exposing CIQ! Let’s see them try to weasel their way out of this one after claiming that they only used data to provide carriers feedback for better service! Carriers nor CIQ need to be knowing what text/keystrokes are being sent from/to your phone. The only data that I could see being relevant at all is to log what kind of signal strength and signal quality was present at the time that you tried to do a certain action, but completely exclude all text and keystrokes.
wow, just … wow
I reached out to Rogers in Canada about this issue last week. I made it clear that if this software was installed on any Rogers devices we would be referring the matter to the Canadian Privacy Commissioner.
Today Rogers got back to me to say that they do NOT use carrier IQ.
That said, we still plan to use TrevE’s app to determine whether or not the software is installed on our phones.
IF YOU ARE CANADIAN… please check your phone with the app at send me a tweet at @mjsoctober if you have evidence of Carrier IQ on an Android device from a Canadian carrier.
All in favor of a class action suit against our carriers/htc(etc)/CIQ…Hit them were it hurts… in the check book.
Glad I install custom ROMs on all my devices. Hope all the devs haven’t put this in their ROMs.
I just checked and my european unlocked GS2 seems free of that :)
In the UK we have laws against this also and they are enforced by the information commissioner. I do not know if this software is on UK phones but my Samsung Galaxy S2 has a app running called CSC which seems to match this perfectly. If someone can confirm I will make the complaint to the commissioner.
Let’s bring these fuckers down.
I have a feeling this scandal going to get very very ugly. We gonna need more popcorns.
We don’t have it in Europe, it’s an American problem. Big Brother is watching you again my American friends, go and install a custom ROM, they are free of it.