Slashdot Mirror
Carrier IQ Software May Be in iOS, Too
New submitter Howard Beale writes with this excerpt from The Verge: "To date, the user tracking controversy surrounding Carrier IQ has focused primarily on Android, but today details are surfacing that the company also may have hooks into Apple's iOS. Well-known iPhone hacker Chpwn tweeted today that versions at least as recent as iPhone OS 3.1.3 contained references to Carrier IQ and later confirmed it's in all versions of iOS, including iOS 5." The details are still emerging; however, iPhone users will be happy to hear that while it's reported that the software is available to the OS, "the good news is that it does not appear to actually send any information so long as a setting called DiagnosticsAllowed is set to off, which is the default."
everything it collects is viewable to the user and you can turn it off in settings > general > about > diagnostics & usage
It matters because what the contract allows is ambiguous at best and definitely does not cover all that CarrierIQ is capable of (what it is configured for on a given phone from a given carrier may be a different story). In fact, keystroke logging of text messages may be in violation of federal wiretap laws, particularly if the logging continues even when the phone is not connected to a cellular network.
Does that mean that Apple is complicit in installing Carrier IQ?
Yes. It was potentially something they were told to do by carriers, but Apple has had a habit of telling anyone that went against their worldview to fuck off, so I imagine it at least doesn't conflict with their intents.
"the good news is that it does not appear to actually send any information so long as a setting called DiagnosticsAllowed is set to off, which is the default."
This is supposed to be reassuring? How many people will ever read about this? And how long until it's turned on by default? Or perhaps turned on by a remote message.
I've found it useful as an example for people who don't understand why we need free/open software. This story simply means that if you use your phone to access anything that is protected by a password (or PIN or whatever), that little hidden bit of software is making a copy of your login, password, account numbers, etc., and sending it off to some site that you know nothing about. Whoever has that information can then get into your account and do as they like with it. I've seen a lot of worried looks, and I know a number of people who have held off on the idea of using their phone to access their bank accounts as a result of this information.
I try to get the idea across that, as long as there's any software that's not freely available to us software geeks ("hackers" to the media), so that we can study it and expose such little nasties, nobody's information or accounts or identities can be considered safe. This sort of software can and does send all your private information to some unknown strangers.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
In other news, hackers have discovered that the game, Angry Birds, mysteriously turns on a setting called "DiagnosticsAllowed".
Good news: last time you looked, he was still sitting in the back and hadn't stabbed you yet.
If you were blocking sigs, you wouldn't have to read this.
Not only is it off by default, apparently it's only allowed to access information at a layer that doesn't give away the farm. It's not recording your keypresses, the sites you visit (which apparently the HTC version does even if you're on WiFi) or anything else that's possibly a significant security risk. Supposedly, it really does act just as it's claimed to in the press releases.
(I'm aware that I use 'apparently' and 'supposedly'; I have no concrete info that I've tested myself, this is just what I've read today.)
Interestingly, it looks like the "pure" Android phones (i.e the Nexus line) don't ship with CarrierIQ
I used to work in the EU for a US phone manufacturer (starts with an 'M'), and mid-2009, integrating CIQ became a mandatory requirement for products that were to be bought by AT&T. This was the first time a carrier asked for this, and at the time, the requested info came mainly from the modem side (signal levels, dropped calls stats, network conditions and so on). Carriers use CIQ-logged info to monitor the health of their network and spot potential problem areas. I would say that this is more of a carrier-thing, and not specific to one handset or another.
I don't know if the list of required info kept growing or who asked for application-side info like Google searches and text messages' content, though...
(Posting anon because I don't know what laws/contracts I am potentially breaking...)
Apple doesn't need it. Hint: it's in the product's name. The carriers want it.
It is not, however, important for them to have the keystrokes that you enter into your phone before sending encrypted communications. There is NO WAY that this is not a violation of the law if it is not explicitly mentioned in the ToS, as keystroke logging could never be remotely construed as even remotely necessary for system diagnostics; its only purpose is the violation of privacy.
To the haters: You can't win. If you mod me down, I shall become more powerful than you could possibly imagine
seems a bit less intrusive than the one demoed yesterday.
Seems so :
"Importantly, it does not appear the daemon has any access or communication with the UI layer, where text entry is done. I am reasonably sure it has no access to typed text, web history, passwords, browsing history, or text messages, and as such is not sending any of this data remotely."
If all else fails, immortality can always be assured by spectacular error.
At least according to US laws, the content of your communications are still considered private. It's just the destination and time of communication (bookkeeping data) that has no expectation of privacy.
The fact that SMS keystrokes can be recorded is clearly a violation of privacy.
I'm also quite worried about the fact that I have to put the password for my work account into my phone in order to receive my work emails. I expect those to be private as well, especially since the password field is masked with *'s (which definitely implies that the password is private). The fact that some previously unknown company may know my work password is frightening to me.
:(){
Part of the agreement is to allow Apple and the cellular carrier to monitor and be able to diagnose problems. One has zero expectation of privacy anyway with a cell phone, so having software which is present as per a signed contract is to be expected.
Keylogging my username and password for my https or ssh connections is definitely not part of the agreement as I understood it (and a valid contract is a meeting of the minds, not an evil trap full of gotchas), no any other data that I might be typing in to encrypted or even non encrypted sessions. Sure, I admit that the non encrypted sessions might be listened to by someone, but the expectation is that the someone in that scenario is not my phone provider using a tool the installed before I bought it.
We can't buy carrier independent handsets because all of our cellphone networks are incompatible. Sprint phones sometimes work on Verizon, Verizon phones never work on Sprint, neither of them work on GSM, and AT&T and TMobile, the two GSM carriers, have incompatible 3G networks. Don't get me started on "4G" and the half-dozen different things it's been redefined into meaning.
Also, for every carrier except TMo, the monthly price is just as high when you bring your own phone as it is when you take the carrier subsidy.
So, since buying your own phone doesn't make it portable across networks, and costs more money up front and the same amount per month, there's no point. That's why everyone takes the carrier phone and contract; it's not because we're all stupid, it's because it's the most cost effective solution in a shitty market.
carriers and handset makers need the ability to monitor their networks for problem cell sites and areas of low to no signal
First, handset makers don't have networks or cell sites. Second, why do carriers need to use my device to test their network, they don't have their own equipment to do that? And if my device is transmitting diagnostic data, why the hell are they charging me data fees to send them diagnostics? I should be charging them. The point is that they don't need to use my device to test their network. And if they're going to ask me to do that, they sure as hell better tell me and better give me a way to opt out. Neither of those happened when I bought my phone. iOS took the right path with specifically calling it diagnostic mode, and having it disabled by default. Sprint tries to hide it from me. That's not right.
as well diagnostics about the phone and any problem apps
Again, they don't *need* the ability to do that. It would be *nice* if they had it, and frankly if they asked me I might allow them. But since they try to sneak it in the backdoor now I simply don't trust them and it's finally pushed me to the point where I'm ready to install Cyanogenmod and get rid of their software altogether. So now they get nothing.
if you go for tech support it's not like the people magically know everything that is wrong with your phone.
Yeah, you're right, even with all the data my phone has been sending them they still don't know what's wrong with it. So why should I send the data to them?
if you complain of dropped calls its important to know where they are occuring
A diagnostic application specifically for monitoring dropped calls is completely different than the software that is actually being used. Dropped calls are just one aspect that they try to highlight to claim that the software is benevolent, and then they deny the ability to log keystrokes even when proof is shown that they are.
If the company is lying about what their capabilities are and what data they're collecting, then that's a major red flag. That's enough to get me to remove the software.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
(Posting anon because I don't know what laws/contracts I am potentially breaking...)
I hope you're not posting from a mobile phone. ;)
Wouldn't this same logic apply to an ISP and your computer? Should they be able to install a key logger on your computer to "diagnose" connection issues? Isn't a smart phone a computer with a phone?
Chance favors the prepared mind.
Perfect is the enemy of good.
That's why everyone takes the carrier phone and contract; it's not because we're all stupid, it's because it's the most cost effective solution in a shitty market.
It depends on what you want to do with the phone. If you e.g. use it for tethering, the cost of buying an unlocked international version for full price recoups itself pretty quickly.
Also, it is possible to have 5-band 3G phones that work on both AT&T and T-Mo, so you can at least switch between those two. For example, Galaxy Nexus is 5-band HSPA 850/900/1700/1900/2100 - which covers both AT&T's 1900MHz, and T-Mo's 1700/2100 MHz.
I have D&U turned on on my iPhone 4S. Why? Because I'm a geek and if I can help out some other geeks at Verizon or Apple, so be it. But, guess what? I can see what's transmitted, no rooting required. Here's a typical entry:
deviceid: "xxx"
isAnonymous: true
deviceConfigid: 101
triggerTime: 1322150199352
triggerId: 655363
profileId: 10109
investigationId: 0
locationaUpdateSession {
timestamp: 1322150199351
timestampEnd: 1322150199351
desiredAccuracy: 1000
cellAvailable: true
wifiAvailable: true
passcodeLocked: false
airplaneMode: false
ttff: 0
ttffGps: -1
bundleid: "com.apple.weather"
achievedAccuracy: 99
}
Enjoy your paranoia! I refuse to participate.
If I used a sig over again, would anyone notice?
Think about it. CarrierIQ is a front for the NSA.
I hope you didn't post that from your cell phone.
Faster! Faster! Faster would be better!