After you buy a smartphone and the required mobile broadband service, what you do with the device is your business, right? Maybe not. Earlier this month, the XDA-Developer site noticed that a preinstalled mobile app, named Carrier IQ, was logging all smartphone activities with no way to opt out. On Wednesday, a new video demonstration surfaced that demonstrates exactly what the Carrier IQ software does. And it’s disturbing, especially when you consider more than 141 million Android, BlackBerry, (s rimm) and Nokia (s nok) handsets have the software installed.
Here’s the entire 17 minute video; a bit long, yes, but if you have a smartphone, it’s well worth watching. If you want to skip the basic handset setup parts — showing that this is a freshly restored phone — hit the video around the 8 minute mark to see the logging aspects.
Trevor Eckhart created the video, which I found by way of Wired. Through using the Android (s goog) developer tools to monitor the phone’s usage, he shows several concerning activities that CarrierIQ captures:
- Logging of keystrokes. Nearly every button — hardware or software — is noted when pressed. I noticed the keystrokes for input were based on ASCII standard codes, which are fairly universal. That means the keylogging feature can easily work across nearly all devices.
- Text of incoming SMS messages. Don’t expect privacy of what you’re sending or receiving on a phone with CarrierIQ installed.
- Web browsing information through what are supposed to be encrypted transactions. Eckhart did a simple Google search with the browser in a private mode using the secure HTTPS protocol. Yet, his exact search term in the browser was captured, even when using the phone on his home Wi-Fi network.
The Carrier IQ software can’t be disabled, either, making the situation even worse. Eckhart shows the service is set to run at all times and can’t be shut off through the standard “Force Close” option in Android. There’s no opt-out method; the service runs invisibly in the background; and there’s nothing a consumer can do to stop it. Why does CarrierIQ capture this data? According to the company’s website, the reason is to help both carriers and handset makers:
Recognizing the phone as an integral part of a mobile service delivery, and using the device to measure key parameters of service quality and usage, the Carrier IQ solution gives you the unique ability to analyze in detail usage scenarios and fault conditions by type, location, application and network performance while providing you with a detailed insight into the mobile experience as delivered at the handset rather than simply the state of the network components carrying it.
I understand the need to log data and share details — to a point. Let’s face it: Computers have logged such data for years; mainly to help troubleshoot problems. But those logs weren’t sent anywhere without the user’s knowledge, and that’s what makes this situation very different.
I’ll be looking into this a bit deeper, but while I do, there are some interesting questions raised by this video. Although consumers are buying smartphones — and assume they have ownership — are the handsets theirs to do with as they please, without the carriers or handset makers knowing what they’re doing? One could argue that the smartphone isn’t owned until it’s fully paid for, since carriers often subsidize the actual hardware costs, but I think the argument is lame, at best.
What about the network itself, which is generally required to gain the full benefit of having a connected device? Does the monthly fee to “rent” mobile broadband service mean consumers have no privacy rights while on the carrier network? From a consumer standpoint, I’d argue that yes, there should be some level of privacy. Then again, carriers spent billions of dollars on the infrastructure and want to protect their investment. Thoughts?
Our smartphone may be a little TOO smart! A must read for owners of smartphones. http://t.co/q2GmZH6s
Are carriers logging every action on your cell phone? — Mobile …: After you buy a smartphone and data service,… http://t.co/1tD5TjRl
Is your phone telling the carrier everything you do? [Video] http://t.co/thI0BGbm #Privacy
Are carriers logging every action on your cell phone? http://t.co/fC1WWow1. The more I hear, the worse it gets. #bigbrother
RT @DaveMichels: Is your phone telling the carrier everything you do? http://t.co/WYqEblHO #ucoms
Are carriers logging every action on your cell phone? http://t.co/QA8DZHqo
RT @gigaom: Is your phone telling the carrier everything you do? http://t.co/HqjqwszE
RT @Cisco_Mobility: Is your #smartphone telling your carrier everything you do? http://t.co/NzBYbJmq
Is your phone telling the carrier everything you do? http://t.co/VF4aadel
RT @FierceWireless: RT @gigastacey: @RobertMarkEnger we wrote one ourselves. http://t.co/uMhLtxx7 :): FierceWireless: RT @gigastacey:…
RT @gigastacey: @RobertMarkEnger we wrote one ourselves. http://t.co/ANtpHf8s :)
RT @Cisco_Mobility: Is your #smartphone telling your carrier everything you do? http://t.co/NzBYbJmq
@RobertMarkEnger we wrote one ourselves. http://t.co/ANtpHf8s :)
I bet the bandwidth is taken out of your monthly quota. It will be ‘too much’ of trouble to exclude this traffic only. Why exclude when you can get paid twice (once for actual data captured used for marketing and second from bandwidth used to send this data) on customer’s dime.
Are carriers logging every action on your cell phone?: After you buy a smartphone and the required mobi… http://t.co/3PGoZNIK #privacy
“@Cisco_Mobility: Is your #smartphone telling your carrier everything you do? http://t.co/rGzGbR1fâ€
RT @Cisco_Mobility: Is your #smartphone telling your carrier everything you do? http://t.co/NzBYbJmq
This all smells. Why on earth needs a carrier data of type like visited URLs, search strings, or better yet, content of your SMS, huh? Will a carrier turn to Zuck “Look boy, your fucking servers suck 90% of our broadband. How about sharing your bucks”? I doubt so. Wait, is there iPhone affected too? Where the hell is iPhone? Remember the thermonuclear war? Call me a conspiracy theorist, but this looks like Steve’s secret project.
RT @Cisco_Mobility: Is your #smartphone telling your carrier everything you do? http://t.co/NzBYbJmq
Is your #smartphone telling your carrier everything you do? http://t.co/NzBYbJmq
Are carriers logging every action on your cell phone? http://t.co/dFq4kQR9
Are carriers logging every action on your cell phone? http://t.co/34qiCsPK
RT @richardsession: Is your phone telling the carrier everything you do? – http://t.co/hiNuqInK
Are carriers logging every action on your cell phone?
http://t.co/fUsYkTsj
RT @gigaom: Are carriers logging every action on your cell phone? http://t.co/hlYh91Kn
Software on 141 million handsets logs keystrokes, incoming texts, and encrypted browsing transactions. No opt-out. http://t.co/gtafPTNp
volve aparecer CarrierIQ entre os meus feeds http://t.co/BZMup5YJ
RT @ jstreebin Are carriers logging every action on your cell phone? http://t.co/otnw8wnZ
Is your phone telling the carrier everything you do? – http://t.co/eOzHZLHu
Are carriers logging every action on your cell phone? http://t.co/mZpFZIrv