Android, Blackberry, and Nokia phone users should know about this:

billbillw

Startling discoveries about a 'rootkit' type software that is running on most Smartphones.

http://gizmodo.com/5863849/your-android-phone-is-secretly-recording-everything-you-do

I'm not some super privacy advocate, but this software goes way beyond what is acceptable to me!

logo896

Not surprising at all. I mean its similar to how search engines make money as well. You can't do anything without it being tracked now. Id love to go off the grid.

F1nut

That's bad, real bad!

billbillw

Yeah, search engine data mining, tracking cookies, etc., are one thing, but logging/sending plain text and keystroke monitoring for everything you do? Especially when it is supposed to be https? That's a whole new level of spying IMO.

dkg999

So is this really a surprise? Google, FaceBook, LinkedIn, etc. need to fund millions of dollars in technology hardware so that you cheap b$stages can have free memberships and use. So how they gonna do that hoss? One of the answers is to make sure they have opt-in policies for free memberships that can monetize every stink'in piece of data. I'm not so sure the cell-phone companies actually provided the consumer notice and opt-in that would of been expected, however they probably soon will. I'm a big proponent of industry self-regulation, however these companies are shooting themselves and the whole industry in the proverbial foot!

Drenis

I'm a Blackberry user myself... not good news.

heiney9

dkg999 wrote: »

So is this really a surprise? Google, FaceBook, LinkedIn, etc. need to fund millions of dollars in technology hardware so that you cheap b$stages can have free memberships and use. So how they gonna do that hoss? One of the answers is to make sure they have opt-in policies for free memberships that can monetize every stink'in piece of data. I'm not so sure the cell-phone companies actually provided the consumer notice and opt-in that would of been expected, however they probably soon will. I'm a big proponent of industry self-regulation, however these companies are shooting themselves and the whole industry in the proverbial foot!

Doug, so far Gizmodo goes way beyond just tracking and compiling for trends and specific marketing. It's scary that someone can eavesdrop on anything you send via your Android OS phone. It's too invasive and they are trying like hell to cover it up.

H9

tonyb

It's called greed Doug. Anything thats of value is for sale to whoever wants it. Now who would want such info ?

billbillw

I don't think its greed directly. I honestly don't think they are looking to sell your personal data. I think its careless programming. If they are going to collect that data to help troubleshoot and make the 'user experience' better, they must have some level of encryption on the data stream. It was shown that this data being sent out in plain text. With that knowledge, criminal hackers could get passwords and login IDs for sensitive accounts (bank, email, network, etc) and commit great fraud! Bottom line, CIQ has been caught with their pants down and as news of this continues to spread, the carriers and manufacturers are going to catch hell from the users.

nadams

Anywhere I see ads while I'm browsing... there's always one for Polk Audio. Sometimes every single one is for the Ultrafit headphones I'm outraged.

exalted512

I don't see the big deal. No where in the video does it show anything getting beyond the USB port of the phone. It might be an issue if you lose your phone I suppose, but I can delete everything on my phone remotely.
-Cody

exalted512

I should have worded that better. I don't agree with the program, it should have never made its way to the phone in the first place. But this video makes it seem like everything in your phone is being sent to Carrier IQ, which doesn't appear to be the case.
-Cody

billbillw

Cody, the stream that is being shown on the screen (via USB connection) is the same stream that is being sent out over WiFi/3G/4G connection. That is why this is such a big deal. And I think you are wrong, everything you do on your phone IS being sent to CIQ. That much is clear.

dkg999

I work in the information business. I spend days attempting to figure out where data is sourced from and if it was collected with sufficient consumer notice and is compliant to use for building products with. Any and all the data referenced in this thread is available from multiple sources, especially in South America and Eastern Europe. A 30TB feed of data of which cellphone numbers called which other cell and landline numbers last month, there's an app for that and a price. So this is just the latest discovery, and while the data may have been collected for a genuinely valid purpose, someone will realize they can monetize that data either at the most granular or at an aggregated level.

Don't like that .................. don't use a cell phone and don't use the internet.

exalted512

billbillw wrote: »

Cody, the stream that is being shown on the screen (via USB connection) is the same stream that is being sent out over WiFi/3G/4G connection. That is why this is such a big deal. And I think you are wrong, everything you do on your phone IS being sent to CIQ. That much is clear.

Then why did he have to put it in USB debugging mode and sync it the software before anything got sent out?

I'm not for sure one way or another, but I don't take any websites seriously unless I see video proof otherwise (ie: packet capture). This particular video didn't prove otherwise.

Maybe someone geekier than me can confirm or deny that.
-Cody

billbillw

The USB debugging is so that you can see the data stream on the PC screen. It is happening no matter what the phone is doing.

exalted512

Or is it?

USB debugging is used to copy data between your computer and your device and to read log data, which essentially is what this guy is doing. It's also used for development purposes...seeing a trend with what USB debugging is made to do and what the guy on the video is showing?

Like I said, it doesnt show data going ANYWHERE other than the screen that its attached to. Until I see packets being sent, I doubt this is anything to be TOO alarmed about.
-Cody

cfrizz

Well now, I'm really glad I just use my phone as a phone.

heiney9 wrote: »

Doug, so far Gizmodo goes way beyond just tracking and compiling for trends and specific marketing. It's scary that someone can eavesdrop on anything you send via your Android OS phone. It's too invasive and they are trying like hell to cover it up.

H9

BeRad

If you go to XDA-developers, they have lots of pople working on new roms for android phones that are stripped of all CIQ garbage. It seems that Rogers in Canada isn't that bad, but apparently AT&T phones are loaded with CIQ processes that run in the background and even slow the phone down a bit.

I have only recently started using an android phone (Galaxy S2) and I am quite happy so far with how many quality roms and kernels are coming out from the developers on that site. For my phone, they actually made a rom from the stock Rogers phones to put on the AT&T version for the sole purpose of eliminating CIQ.

BeRad

exalted512 wrote: »

Then why did he have to put it in USB debugging mode and sync it the software before anything got sent out?

He probably had to turn on USB debugging to be able to show what was going on in the background.

billbillw

Unfortunately 99% of the population doesn't have a clue how to install a custom rom on their phone. Not to mention, for most of the carriers, it voids any warranty. I went an looked at my phone's apps today. I couldn't find anything that had IQ in it, but there was one called data collector. I was able to stop it though.

Drenis

Canadian retailers do not use or load this product. RIM confirms they also do not so I'm safe.

herman04

What a great blog post! Thanks for sharing it on your site.
nokia mobile

Kex

User reported for spamming.