Support EFF by learning more about the privacy destroying app Carrier IQ!
Sent from my LG-VM670 using Tapatalk
Sent from my LG-VM670 using Tapatalk
Carrier IQ
- Thread starter smokenbiskits
- Start date
bornagainpenguin
Well-known member
Be sure to mention Carrier IQ too, the next time someone gives you a hard time (you just want to pirate apps, can't you leave it alone, etc) about rooting your phone. Carrier IQ is exactly the kind of thing that makes me glad I root and install a custom rom as soon as I am able to. Be sure to mention that it keeps track of keystrokes (it calls them "events") and ask the person how they feel about the very real possibility that this information can be remotely accessed and uploaded to an unknown website for identity fraud!
--bornagainpenguin
PS: I'd like to take a moment right here to thank ALL the rom developers who have extended the functionality and ensured the security of my phone on this site. I really do appreciate you guys.
--bornagainpenguin
PS: I'd like to take a moment right here to thank ALL the rom developers who have extended the functionality and ensured the security of my phone on this site. I really do appreciate you guys.
Here is a APP that runs a test on your phone to see if you do have Carrier IQ. I know Harmonia does not 
How To Check And Remove Carrier IQ Keylogger Activity On Android | Redmond Pie
How To Check And Remove Carrier IQ Keylogger Activity On Android | Redmond Pie
IHO doesn't have Carrier IQ either, since it's based off CM7, which is based off the original android source code.
However I read somewhere (forgot where) that any custom ROM that is built off the phone manufacturer's software (ie. an HTC Sense ROM) will still have it, since all HTC phones have it.
Sprint and AT&T confirm that they use it, T-mobile says they have it on phones but only to improve their network, Verizon denies they have it on any phone.
idk if our OV has it on stock...We're not technically Sprint...
However I read somewhere (forgot where) that any custom ROM that is built off the phone manufacturer's software (ie. an HTC Sense ROM) will still have it, since all HTC phones have it.
Sprint and AT&T confirm that they use it, T-mobile says they have it on phones but only to improve their network, Verizon denies they have it on any phone.
idk if our OV has it on stock...We're not technically Sprint...
Still no idea if this is really anything to worry about.
The video that's being passed around everywhere doesn't seem to show CarrierIQ actually collecting your messages, photos, or what have you. My understanding is that the information brought up in his logs is normal debugging information that would show up in the logs, CIQ or not.
Also, yes, it tracks 'keystrokes' but there seems to be more to it, i.e. when diagnosing a crash with data from CIQ it could be relevant what keys were pressed.
Thoughts? Any devs around please shed some light on this, it would be greatly appreciated.
The video that's being passed around everywhere doesn't seem to show CarrierIQ actually collecting your messages, photos, or what have you. My understanding is that the information brought up in his logs is normal debugging information that would show up in the logs, CIQ or not.
Also, yes, it tracks 'keystrokes' but there seems to be more to it, i.e. when diagnosing a crash with data from CIQ it could be relevant what keys were pressed.
Thoughts? Any devs around please shed some light on this, it would be greatly appreciated.
Another question. Did the Optimus V come with Carrier IQ at all? I just checked my wife's stock phone. She doesn't want it tampered with because she has an extended warrenty on it. I checked the running apps an saw nothing like I. Eckert's videos, but that was HTC not LG.
That is a gross lie. Tracking every action in the phone cannot be for diagnosing crashes. They shouldn't be selling crashing phones in the first place; the end products are supposed to be sold with debugging off so that the user can have the full performance of the device. We don't need to know or record every key stroke, every site visited, every call made to debug a crash, neither they do. Did anybody ask any question about the keystrokes, web/call history for any bug reported in the IHO thread? It is unbelievable how much crap they cram inside those phones in the factory and how much better a device can be with open source development. Just check your OV. I hope they pay back every penny they ripped off the people after the lawsuit.
Please consider updating this thread: http://forums.androidcentral.com/an...iq-please-list-confirmed-device-status-2.html with whatever information is found.
one of the commenters under that article posted this link to some CIQ marketing material:
http://www.carrieriq.com/overview/IQInsightExperienceManager/ExperienceManager.datasheet.pdf
i for one find this a bit disconcerting. after reading that pdf, i believe CIQ seems to know what carriers want-very sophisticated spyware-and they are marketing it as such. i'm not comfortable with the idea--probably will lead to even more spying tech. the more we tolerate the more they will push the envelope.
As long as we keep rooting and flashing awesome mods like CM, I don't think we'll have a problem
That being said, I wouldn't be surprised if somewhere deep inside those contracts that people sign on Verizon/Sprint/T-Mobile/AT&T that it allows this sort of thing. After all when you're on a contract the phone isn't technically yours...
Another reason I like VM. My phone is mine. If I don't pay my bill, VM can't take my phone away. lol
That being said, I wouldn't be surprised if somewhere deep inside those contracts that people sign on Verizon/Sprint/T-Mobile/AT&T that it allows this sort of thing. After all when you're on a contract the phone isn't technically yours...
Another reason I like VM. My phone is mine. If I don't pay my bill, VM can't take my phone away. lol
i dont have my old OV near me, or the stock rom backup :/ but can anyone check their stock rom to see if CIQ is in the applications list?
I'll be restoring my stock Triumph nandroid tonight just to check if it is or not, if it is, im glad I switched to cm7 mere minutes after taking it out of the box, without even signing into any of my accounts.
also, made new accounts during the move from OV to MT as well
I'll be restoring my stock Triumph nandroid tonight just to check if it is or not, if it is, im glad I switched to cm7 mere minutes after taking it out of the box, without even signing into any of my accounts.
also, made new accounts during the move from OV to MT as well
i dont have my old OV near me, or the stock rom backup :/ but can anyone check their stock rom to see if CIQ is in the applications list?
I'll be restoring my stock Triumph nandroid tonight just to check if it is or not, if it is, im glad I switched to cm7 mere minutes after taking it out of the box, without even signing into any of my accounts.
also, made new accounts during the move from OV to MT as well
Nope already looked
As long as we keep rooting and flashing awesome mods like CM, I don't think we'll have a problem
Google is making it harder and harder.
If you are rooted, you can't use Google movies in the app store. Expect more things like this as time goes on unless there is a major shift in I.P. politics, and I while there is change going on to some degree, don't count on it any time soon.
Rooting and roms are like a game of cat and mouse, odds are you will probably be able to keep doing that, just don't count on being able to do everything.
Point taken. I guess it'll be up to all of us to decide what we want to do. Which after all is what they tell you when you root your device, that anything you do to it is entirely your fault. So for instance, I don't mind not being able to use Google movies in the app store (or being able to buy music from it either). Other people might though, yes.
Either way, everything I have read so far says that although this program can/does record keystrokes, there's no evidence of it sending the information anywhere...
ok, even if there is no evidence of it sending information, what if someone like Sprint decides to pull the info from everyones HTC phones. they flip the switch and all phones start uploading all data without users knowing.
50% of the problem is that its recording, and 50% is that we have no idea what the carriers really want that info for, or want the ABILITY to see that info for, or why it captures login data as plain text and intercepts https. or why it took so long to come to light even with all the rom development on those phones, people ripping apart the stock rom and building different versions.
Frankly, I don't care if it (data) isn't going anywhere or not.
I have banking apps, remote server logins, and email passwords that would be kept in there and if someone steals it or I lose, that would spell trouble for me and my clients. I don't let it store passwords when I have the option for that stuff, why would I want this storing them when I don't want it being stored.
Some may not care, (if they hack my email, no big deal), but getting into my bank account or my clients servers, which is their livelyhood, that is not okay. These companies have no business or right to that kind of information. I don't care who they are, Sprint, AT&T, the feds, doesn't matter, they have no need to access or have the codes to access my clients legitimate business servers.
It seems to me the phone manufactures, service providers and Carrier's creators are all pointing fingers at each other saying it either doesn't do what it claims, does more than they claim, or was instigated by the others. They can't even get their stories straight when pointing fingers.
That alone means there is more going on than they are telling us.
Think about this, if all they wanted was to track dropped calls, a simple app can do that, you don't need a rootkit and why would they feel a need to hide it? That seems like an awfully lot of expense for something harmless we don't need to worry about. Companies don't spend more money than they need to.
I have banking apps, remote server logins, and email passwords that would be kept in there and if someone steals it or I lose, that would spell trouble for me and my clients. I don't let it store passwords when I have the option for that stuff, why would I want this storing them when I don't want it being stored.
Some may not care, (if they hack my email, no big deal), but getting into my bank account or my clients servers, which is their livelyhood, that is not okay. These companies have no business or right to that kind of information. I don't care who they are, Sprint, AT&T, the feds, doesn't matter, they have no need to access or have the codes to access my clients legitimate business servers.
It seems to me the phone manufactures, service providers and Carrier's creators are all pointing fingers at each other saying it either doesn't do what it claims, does more than they claim, or was instigated by the others. They can't even get their stories straight when pointing fingers.
That alone means there is more going on than they are telling us.
Think about this, if all they wanted was to track dropped calls, a simple app can do that, you don't need a rootkit and why would they feel a need to hide it? That seems like an awfully lot of expense for something harmless we don't need to worry about. Companies don't spend more money than they need to.
Last edited:
Just FYI- On my rooted Coby Kyros 7022-4g, I can use the Android Market and rent movies.
Running the stock 2.3, just rooted and removed phone related apks. This tablet allows you to install CWM without rooting via an update function. So I installed CWM, made a backup, pushed busybox and su binaries to the appropriate locations, rebooted, and then downloaded SuperUser. Movies work fine on the Market.
The tablet didn't come with the Android Market, and the google partner setup FCs each time you reboot, so I'm thinking it's a loophole that Google might find and close.
They probably haven't enabled the root checking because it never came with the Market app.Just FYI- On my rooted Coby Kyros 7022-4g, I can use the Android Market and rent movies.
Running the stock 2.3, just rooted and removed phone related apks. This tablet allows you to install CWM without rooting via an update function. So I installed CWM, made a backup, pushed busybox and su binaries to the appropriate locations, rebooted, and then downloaded SuperUser. Movies work fine on the Market.
The tablet didn't come with the Android Market, and the google partner setup FCs each time you reboot, so I'm thinking it's a loophole that Google might find and close.
I suspect it won't be long before a workaround is found though. Would be nice to figure out in case carriers and Google start becoming more and more jerks about it.
By the way, tests have been showing that:
The original OV does not have Carrier IQ, no idea on newer models. Harmonia 1 and 2 do NOT have it.
The original Intercept DOES have it, not sure on the update or updated models. It however seems to be minimal or not working at all.
While Carrier IQ is not present, there is no telling how many other companies are making software like this for carriers.
For those thinking other companies are safe...
Rim does not put it on their phones, however T-Mobile was/is adding it to Blackberries.
Also infected with it on phones carried by T-Mobile (either by T-Mobile or the manufacturer):
Galaxy S II
HTC Amaze 4G
Samsung Exhibit II 4G
LG MyTouch
LG MyTouch Q
LG Double Play
Blackberry 9900 (Installed by T-Mobile, not Rim)
Blackberry 9360 (Installed by T-Mobile, not Rim)
Blackberry 9810 (Installed by T-Mobile, not Rim)
T-Mobile claims all they are tracking is, battery performance, dropped calls and application failures. Again, why spend the money on some secret rootkit when a simple app could do the job?
The original OV does not have Carrier IQ, no idea on newer models. Harmonia 1 and 2 do NOT have it.
The original Intercept DOES have it, not sure on the update or updated models. It however seems to be minimal or not working at all.
While Carrier IQ is not present, there is no telling how many other companies are making software like this for carriers.
For those thinking other companies are safe...
Rim does not put it on their phones, however T-Mobile was/is adding it to Blackberries.
Also infected with it on phones carried by T-Mobile (either by T-Mobile or the manufacturer):
Galaxy S II
HTC Amaze 4G
Samsung Exhibit II 4G
LG MyTouch
LG MyTouch Q
LG Double Play
Blackberry 9900 (Installed by T-Mobile, not Rim)
Blackberry 9360 (Installed by T-Mobile, not Rim)
Blackberry 9810 (Installed by T-Mobile, not Rim)
T-Mobile claims all they are tracking is, battery performance, dropped calls and application failures. Again, why spend the money on some secret rootkit when a simple app could do the job?
Similar threads
Trending Posts
-
[Chatter] "Where everybody knows your name ..."
- Started by zero neck
- Replies: 53K
-
News Chromecast with Google TV (4K) may finally get a successor- Started by AC News
- Replies: 0
-
Question Google says I'm in South Africa but I'm not
- Started by pierre5463
- Replies: 0
-
News Samsung offers free one-time screen replacement for Galaxy display defect
- Started by AC News
- Replies: 0
-
Facebook
Twitter
Instagram