
Phone "Rootkit" Maker Carrier IQ May Have Violated Wiretap Law In Millions Of Cases

Muck

Enjoy Every Sandwich
Forbes

A piece of keystroke-sniffing software called Carrier IQ has been embedded so deeply in millions of Nokia, Android, and RIM devices that it's tough to spot and nearly impossible to remove, as 25-year-old Connecticut systems administrator Trevor Eckhart revealed in a video Tuesday.

That's not just creepy, says Paul Ohm, a former Justice Department prosecutor and law professor at the University of Colorado Law School. He thinks it's also likely grounds for a class action lawsuit based on a federal wiretapping law.

"If CarrierIQ has gotten the handset manufacturers to install secret software that records keystrokes intended for text messaging and the Internet and are sending some of that information back somewhere, this is very likely a federal wiretap," he says. "And that gives the people wiretapped the right to sue and provides for significant monetary damages."

As Eckhart's analysis of the company's training videos and the debugging logs on his own HTC Evo handset have shown, Carrier IQ captures every keystroke on a device as well as location and other data, and potentially makes that data available to Carrier IQ's customers. The video he's created (below) shows every keystroke being sent to the highly-obscured application on the phone before a call, text message, or Internet data packet is ever communicated beyond the phone. Eckhart has found the application on Samsung, HTC, Nokia and RIM devices, and Carrier IQ claims on its website that it has installed the program on more than 140 million handsets.

.../cont/...

And of course...

.../snip/...

Over the last month, Carrier IQ has attempted to quash Eckhart's research with a cease-and-desist letter, apologizing only after the Electronic Frontier Foundation came to his defense. Eckhart's legal representation at the EFF declined to comment on the legality of Carrier IQ's business practices.

.../snip/...
 
Carrier IQ Part #2 - YouTube: http://www.youtube.com/watch?v=T17XQI_AYNo

http://gizmodo.com/5863849/your-android-phone-is-secretly-recording-everything-you-do

Of note:

If you have any decently modern Android phone, everything you do is being recorded by hidden software lurking inside. It even circumvents web encryption and grabs everything, including your passwords and Google queries. Worse: it's the handset manufacturers and the carriers who, in the name of "making your user experience better", install this software without any way for you to opt-out.

Update 1: Nokia claims they don't use Carrier IQ's spyware.

Update 2: Hackers have found Carrier IQ in Apple iPhone, but only works in diagnostic mode, which is off by default, and only logs technical data.

Who has this problem?

It seems like a good goal and, indeed, most manufacturers and carriers agree: according to Eckhart, the spyware is included in most Android phones out there.

Eckhart claims that Carrier IQ software is also included in Blackberry and Nokia smartphones too. It probably works exactly the same in those smartphones as well. However, there's no proof showing these problems in those phones.

How does it work?

Carrier IQ's software is installed in your phone at the deepest level. You don't know it's there. You are never warned this is happening. You can't opt-in and you certainly can't opt-out.

The commercial spyware sits between the user and the applications in the phone so, no matter how secure and private your apps are, the spyware intercepts anything you do. From your location to your web browsing addresses and passwords to the content of your text messages.

This even happens using a private Wi-Fi connection instead of the carrier 3G or 4G connection.

The company denied all this in a public statement (PDF):

But the video clearly demonstrates that this is not true: Keystrokes submit unique key codes to Carrier IQ. Even secure connections are intercepted by the spyware, allowing it to record your moves in the open. These connections to the web are encrypted but, since Carrier IQ's spyware sits between the browser and the user, it grabs it and sends it in plain text.

The spyware can even log your location, even if the user declines to allow an app to know where it is. The hidden Carrier IQ app ignores your desires, intercepts the data and gets your location anyway.

What can you do to avoid it?

Unfortunately, not much. The hidden spyware is always running, and there's no option in any of the menus to deactivate it. Unless you're a grade-A blackbelt hacker, you're out of luck. Even Eckhart, who is a developer, finds it difficult to remove:
 
http://news.cnet.com/8301-31921_3-57335715-281/how-carrier-iq-was-wrongly-accused-of-keylogging/

How Carrier IQ was wrongly accused of keylogging

In just a few days, a startup company named Carrier IQ has been subjected to extraordinary public vilification, with reports accusing it of making a "rootkit keylogger" that "creeps out everyone" or is the "rootkit of all evil."

The only problem, which is always a risk when a public lynching takes place, is that Carrier IQ appears to be not guilty of the charges lodged against it.

The most serious charge against Carrier IQ, a venture capital-funded startup in Mountain View, Calif. that makes diagnostic software for carriers, has been that it records keystrokes and transmits them to carriers. One article on a Mac Web site breathlessly reported that "Carrier IQ probably violated federal wiretap laws in millions of cases." (See CNET's FAQ and related articles.)

Well, no. There's zero evidence that Carrier IQ captured, recorded, or transmitted any keystrokes. But that didn't stop the self-appointed lynch mob on blogs and on Twitter (#OccupyCarriers, that would be you).

Dan Rosenberg, an exceptionally talented security consultant who has discovered more than 100 vulnerabilities in the Linux kernel, FreeBSD, and GNU utilities, extracted a copy of Carrier IQ's software from his own Android phones. He then analyzed the assembly language code with a debugger that allowed him to look under the hood.

"The application does not record and transmit keystroke data back to carriers," Rosenberg told CNET. His reverse-engineering showed that "there is no code in Carrier IQ that actually records keystrokes for data collection purposes."

Carrier IQ has given Rebecca Bace, a well-known security expert who's advised startups including Tripwire and Qualys, access to the company's engineers and internal documents. (Bace says she has no financial relationship with Carrier IQ.)

Bace told CNET that: "I'm comfortable that the designers and implementers expended a great deal of discipline in focusing on the espoused goals of the software--to serve as a diagnostic aid for assuring quality of service and experience for mobile carriers."

Cont'd ...
 
Dryden;2055030; said:
Interesting that a cnet article attempting to correct a misapprehension that CarrierIQ is a malevolent piece of snooping software itself cites as an original hysterical evil an article on Cult of The Mac which was actually quoting a column headline (yes explosively) from one of Forbes staff writers.

My point may seem minor, but honestly, when the Forbes article from 11/30/201 cited by Cult of the Mac on 12/1/2011 actually uses these words in the headline:
Phone 'Rootkit' Maker Carrier IQ May Have Violated Wiretap Law In Millions Of Cases
and those words are then attributed as originally authored elsewhere (on Cult of the Mac) by cnet it just seems misplaced. I think it might be correct to first point to the establishment press that screeched the rumor from the rooftops - rather than the Mac blog which simply regurgitated Forbes' fully formed hyperbole - from the pen of their staff "Security" writer?

Especially so if your point is to denigrate the messenger - at least shoot your barbs at the first to start the poisoned whispers.

Then take to task those who foppishly believed it to be true, because it was on the intertubes.

There's an order to everything in life, blogs and the universe and cnet can and should do better.
 