This week, a little-known startup by the name of Carrier IQ became one of the most vilified companies in the world thanks to the enterprising investigative work performed by amateur security analyst Trevor Eckhart who initially discovered the existence of the application when performing work on Android security vulnerabilities last month. Â His initial work, which is documented here, led to Carrier IQ filing a Cease & Desist order against him until the Electronic Frontier Foundation stepped in to defend him late last month.
Due to intense scrutiny and media coverage, the cease and desist order was subsequently dropped, with Eckhart continuing further work on investigating Carrier IQ’s software and what it entailed. No one was prepared for how extensive the software performed and just how far it went in order to collect information about device usage patterns and behavior, information that’s meant to help carriers.
What is trumpeted and sold to carriers as the perfect diagnostic solution has ended up becoming the albatross around the neck of a startup and the wake up call sorely needed regarding privacy and information control on mobile devices. After this week, no one on any side, whether it be carriers, Â customers, Carrier IQ, manufacturers and even members of Congress are happy with the situation and it does not look like it will end anytime soon, nor will it end in a tidy manner.
This is a situation that will have consequences far beyond just one company and carrier. Phone manufacturers have begun to distance themselves from Carrier IQ by confirming the inclusion or exclusion of the software in phones, with manufacturers such as HTC and Samsung passing the buck to US carriers, stating that select carriers require it as a part of the development process or use it themselves to improve quality assurance, such as in the case of HTC’s TellHTC customer satisfaction program built-in to every new phone released in the past 2 years.
Carriers themselves have been scrambling themselves to perform damage control by either confirming or denying the inclusion of Carrier IQ on their handset lineups, while manufacturers are throwing either CarrierIQ, carriers or even both under the bus for the whole situation. It’s important to keep a level head, though as the story keeps progressing the more is discovered about Carrier IQ, it’s easy to fall into paranoia about what it can do and what it’s actually supposed to do if it were implemented correctly.
As Carrier IQ is buried deep into the operating systems as a hidden system level process, it’s supposed to log hardware and software behavior in near real-time. Unfortunately, multiple implementations of Carrier IQ on various devices have confirmed that it not only logs software and hardware behavior, but it’s been discovered that it logs everything from keystrokes and text messages to sensitive information such as passwords personal messages and call logs.
This is an egregious violation of privacy if all it did was log all of this information. This is the crux of the issue, that a program seemingly used to assist carriers in quality assurance is actively logging such information without so much as a warning.
Most of the ire centers around Android, but that implies that it would be the only operating system affected. Apple’s iOS has also had Carrier IQ built-into iOS, but it wisely forced data collection as explicitly opt-in, as in making it obvious that certain functionality requires data collection, but it would not do so unless it was explicitly approved by the user following multiple prompts. Apple has confirmed that it has abandoned Carrier IQ and the next update will erase the tool completely.
RIM has acknowledged that any inclusion of Carrier IQ is not authorized on its devices sold to carriers nor have they authorized its installation, but carrier software builds have confirmed the inclusion of the application, while Nokia has maintained that it has never installed Carrier IQ on any of its phones. Samsung and HTC have themselves stated that carriers force them to install the application on handsets and that the carriers should be held to account for the amount of data collected. Microsoft has also stated that Windows Phone 7 does not utilize Carrier IQ.
For its part, Carrier IQ has released the following statement regarding how its app works:
We measure and summarize performance of the device to assist Operators in delivering better service.
While a few individuals have identified that there is a great deal of information available to the Carrier IQ software inside the handset, our software does not record, store or transmit the contents of SMS messages, email, photographs, audio or video. For example, we understand whether an SMS was sent accurately, but do not record or transmit the content of the SMS. We know which applications are draining your battery, but do not capture the screen.
Having examined the Carrier IQ implementation it is my opinion that allegations of keystroke collection or other surveillance of mobile device user’s content are erroneous. We measure and summarize performance of the device to assist Operators in delivering better service.
While a few individuals have identified that there is a great deal of information available to the Carrier IQ software inside the handset, our software does not record, store or transmit the contents of SMS messages, email, photographs, audio or video. For example, we understand whether an SMS was sent accurately, but do not record or transmit the content of the SMS. We know which applications are draining your battery, but do not capture the screen.
“Having examined the Carrier IQ implementation it is my opinion that allegations of keystroke collection or other surveillance of mobile device user’s content are erroneous,” asserts Rebecca Bace of Infidel Inc. a respected security expert.
Privacy is protected. Consumers have a trusted relationship with Operators and expect their personal information and privacy to be respected. As a condition of its contracts with Operators, CIQ operates exclusively within that framework and under the laws of the applicable jurisdiction. The data we gather is transmitted over an encrypted channel and secured within our customers’ networks or in our audited and customer-approved facilities.
Carrier IQ is aware of various commentators alleging Carrier IQ has violated wiretap laws and we vigorously disagree with these assertions.
Our software makes your phone better by delivering intelligence on the performance of mobile devices and networks to help the Operators provide optimal service efficiency. We are deployed by leading Operators to monitor and analyze the performance of their services and mobile devices to ensure the system (network and handsets) works to optimal efficiency. Operators want to provide better service to their customers, and information from the device and about the network is critical for them to do this. While in-network tools deliver information such as the location of calls and call quality, they do not provide information on the most important aspect of the service – the mobile device itself.
Carrier IQ acts as an agent for the Operators. Each implementation is different and the diagnostic information actually gathered is determined by our customers – the mobile Operators. Carrier IQ does not gather any other data from devices.
CIQ is the consumer advocate to the mobile operator, explaining what works and what does not work. Three of the main complaints we hear from mobile device users are (1) dropped calls, (2) poor customer service, and (3) having to constantly recharge the device. Our software allows Operators to figure out why problems are occurring, why calls are dropped, and how to extend the life of the battery. When a user calls to complain about a problem, our software helps Operators’ customer service more quickly identify the specific issue with the phone.
As for the carrier’s role in this mess, AT&T and Sprint have admitted to deploying the software on its phones, but both are taking great pains to reassure customers that the way it’s currently deployed does not go beyond data collection spelled out in their current privacy policies. T-Mobile USA has itself confirmed that it does use Carrier IQ on its lineup for diagnostics, while Verizon does not, with the aforementioned being the most emphatic in its confirmation that it does not use Carrier IQ.
Now, Carrier IQ is facing several suits related to the situation while another lawmaker is calling for an investigation related to Carrier IQ. The situation is far from over, but the key thing to take away from this is that carriers need even more transparency and honesty when dealing with such a volatile situation. There was no need for it to grow to such an unmanageable situation and heighten the potential for hysterics. What is needed now more than ever is a measured approach to this issue, even if it took a security researcher’s initially incomplete research to raise awareness.