Posted on 12/03/2011 7:56:05 AM PST by Kaslin
If you are like us, every day you pick up a smartphone and you send email, visit with friends on Facebook, send a text message or even log into your bank's website and pay a bill. These modern day conveniences have become routine.
We all believe that our passwords are secure, our data is protected, and life is easier if we don't have to write a check to pay a bill or dig around and find a stamp to send a friend a quick note.
But this morning we are no longer sure. The tech world is in a fury, which we believe will soon break out into society at large, about a little-known software program call Carrier IQ. Over the Thanksgiving weekend a 25-year-old programmer by the name of Trevor Eckhart posted a video on YouTube which graphically displays how our naïve beliefs of privacy are just plain wrong.
The video, which lasts 17 minutes and starts slowly because he methodically goes through the privacy statements on his cell phone, is frightening. If you watch it, you will never look at your smartphone the same again. We have posted the video at Floydreports.com if you want to watch.
The program, Carrier IQ cannot be turned off. But it tracks your every move. Dial a friend's phone, it sends the number off to someone. Send or receive a text message and the message is recorded and sent off. Call up your bank or another website in the allegedly secure https: mode which we have been told is secure, and Carrier IQ is there recording your username, password and any other move you make on your phone.
Rather than calling them smartphones, we should be calling them people monitors. The only action you take which it cannot record is a thought in your head that you refuse to express. These phones are even capable of recording what you say. Scary is not the word for it.
Trevor Eckhart even takes pains to turn of the GPS function for use by Google maps and search and then he demonstrates how Carrier IQ still is logging your position.
Now what can you do about it? The program can only be removed if you hack or as they say "root" your phone. But beware – rooting your phone likely violates the contract you have signed with your carrier, and it clearly voids any manufacturers’ warranty you may have on the device.
Since the video was first posted, others have gone to work and exposed how in addition to Android phones, the Carrier IQ software is also present on I Phones with iOS3 operating system and above.
The privacy issues surrounding smartphones have been numerous, but the exposure of Carrier IQ brings the threat to an entirely new level. Chances are if you have a smartphone, you have no privacy around or while using the device. Be careful.
Makes you understand why criminals all use burner phones.
It seems like the only ones who get privacy are the perverts and pedophiles.
Is Carrier IQ on WiFi iPads and TouchPad as well?
My info had multiple past addressess, my profession, my income and my political orientation, and correct household members. In the past it would have taken A LOT of hunting to get all that together on me from all over the country.
My info had multiple past addressess, my profession, my income and my political orientation, and correct household members. In the past it would have taken A LOT of hunting to get all that together on me from all over the country.
More on the guy who did the youtube video
Trevor Eckhart Speaks: The Connecticut ‘Geek’ Who Ignited The Carrier IQ Smartphone Privacy Scandal
my initial info was wrong on spokeo too (I’m not paying to see the rest)
except for my age - DRAT!
They’re just finding out we have no privacy? the authors are quite slow on the uptake.
This is a bad one. It's hard-coded into the iPhones and Sprint and AT&T use it on their Android phones. Verizon does not; whether it uses an equivalent is not yet apparent.
Sprint's corporate line (and Carrier IQ's) is that it is used strictly for diagnostics to help troubleshoot phone problems, that no one there reads the sensitive material, and that none of it has been or will be sold to anyone else. Unfortunately the scope of the information available to be gathered was demonstrated to be quite a bit beyond any diagnostic excuse: full text of SMS pages, key logging, etc, etc. There is absolutely no guarantee that any of this isn't being gathered.
Apple has stated that they intend to remove the thing in their next major software upgrade. No one else has, so far, made any such commitment.
Yes, every time you click a URL on the Internet the IP addresses go into a log somewhere, but not the keystrokes you make (passwords, bank numbers) or the actual traffic itself. This is far, far beyond anything kept by ISPs.
And you can't get rid of the thing - it is, in that sense, a root kit, although on my phone it shows up as a named process. If you turn it off it turns itself back on when you open a browser. The only way to get it off the phone I have - a Galaxy S2 - is to (1) root the phone, that is, wipe the OS; (2) flash the ROM with an alternate set of firmware, (3) re-install a fresh, non-corporate Android OS. Naturally all of this is strictly forbidden by the vendor as a terms of service violation. Were they equally scrupulous about keeping up their own end we wouldn't be having this conversation.
Lawsuits are, naturally, flying. According to my reading of the privacy text inside my contract (I'm not an attorney) what is capable of being gathered is a blatant violation. The trick is going to be proving who, if anyone, is doing so. But I am ready to dump my carrier regardless, and if they want to charge me for premature cancellation of the contract they are welcome to speak with my attorney.
Thanks. Sounds like a slippery slope that could really be abused in the wrong hands (Gov’t).
If we were still a nation of laws which were are not the first you would have heard about this would be when the Police and Federal agents executed arrest warrants for the perpatrators of "Carrier IQ".
I urge all of you to go to Carrier IQs website and read the anouncement about this scandal. They know that if the law is enforced they are in serious deep doo doo. It says on the anouncement, "your privacy is protected". Well clearly its not as they have illegally obtained all sorts of information from every smart phone in which this is installed. Also very telling is the statement that carriers use this for diagnostic information only, REALLY? Anyone with any technology experience knows you would not run diagnostic software on millions of phones. They are illegally collecting all sorts of information for profit.
Only one appropriate response here and that's warrants and arrests. Rant off
Bookmark and thanks.
I work in an IT environment. What this has done is to take a truly wonderful technical capability right out of my hands - this beautiful and very expensive device is now useless for anything requiring a password because I can't guarantee that the latter is protected.
Incidentally, I left out one very big vendor in my list in the previous post - Research In Motion (aka Blackberry).
Unless they want to. Just ask Joe the plumber. :)
I actually just did that to see what came up and it was a little underwhelming. They listed my home address as a house I moved out of in 1989.
No problem. To protect your privacy, just tell the phone co. you don’t want them to know what number you’re calling and don’t tell Facebook who you’re sending messages to.
Carrier IQ? Are they still in business? Quick, short the stock!
What did you people think ‘smart’ in smartphone meant? More smarter than the user!
The first class action lawsuit was filed a couple days ago against Sprint.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.