Slashdot Mirror
Carrier IQ Responds To FBI Drama, EFF Wants More Information
New submitter realized writes "Yesterday Carrier IQ released a report (PDF) which tries to answer some questions about how their system operates. Also, after reports of the FBI using Carrier IQ data, the company responded by saying, 'Carrier IQ has never provided any data to the FBI. If approached by a law enforcement agency, we would refer them to the network operators.' Additionally, the EFF just released a report which says they believe keystroke data 'is in fact being inadvertently transmitted to some third parties,' but they would like to study carrier profiles to verify information."
Reader Trailrunner7 adds that Carrier IQ's report indicates "under some limited circumstances its software will log the contents of SMS messages sent to a user's phone, but that that the contents of those messages would not be human readable. Instead, they would be in an encoded form that could not be decoded without special software and the carriers don't have access to the contents of the messages either. The company said it has worked on a fix for the bug, which affected devices running the embedded version of the Carrier IQ agent."
http://en.wikipedia.org/wiki/COINTELPRO
http://en.wikipedia.org/wiki/Citizens'_Commission_to_Investigate_the_FBI
I suspect COINTELPRO has been updated and perfected by now.
The fix is to not install spyware on the phones in the first place. How hard is this to understand?
Instead, they would be in an encoded form that could not be decoded without special software and the carriers don't have access to the contents of the messages either.
Yeah, first they say they don't sniff your traffic, then they say this, then that, then they pull the "not without our secret magic decoder ring" argument. If they are working with government agencies to use this software (and it may not be the FBI), they wouldn't even have the ability to admit to it- those kinds of agreements require the company to deny everything in perpetuity.
First thing this new year, I'm migrating my phone over to cyanogenmod. I'd do it now, but I just don't have the time.
Install gentoo.
Step 1: Buy an Android phone
Step 2: Run one of the numerous CIQ detection apps
Step 3: If found, install an AOSP ROM like CM7
Step 1: Buy an Android phone
Step 2: Run one of the numerous CIQ detection apps
Step 3: If found, install an AOSP ROM like CM7
Yes, much simpler than turning off a single option in the iPhone's preferences (after you've turned it on because it's off by default). Or don't turn it off because you can see what it sends in clear text and it doesn't log anything except diagnostic information.
Install Cyanogen Mod.
Apple has said that they are almost done using Carrier IQ for other methods of data collection.
http://allthingsd.com/20111201/apple-we-stopped-supporting-carrieriq-with-ios-5/
The quote is:
“We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.”
And for the Fanboys out there I say Other methods since they will still get "diagnostic data sent to them".
but that that the contents of those messages would not be human readable. Instead, they would be in an encoded form that could not be decoded without special software
"We encoded it as ROT13, twice."
--
BMO
You probably gave them your blessings in the user and/or license agreement in one way or another. Not that you would actually understand what you gave up--they would not want that. It's all in the fine print, buried in the legal-eeze. You need a lawyer anymore when you purchase a simple gadget if you really want to understand what it means for you to have it in your possession.
That just means they have a replacement that will do the same.
True. Here's the strange thing, though. Apple's statement was: "We stopped supporting Carrier IQ with iOS 5 in most of our products, and we're going to remove it completely in a future software update." Not particularly clear. On followup, that was narrowed down to the iPhone 4 with iOS 5 still has carrier IQ (and Verizon doesn't use carrier IQ, so it might be ATT iPhones only). Either way, carrier IQ wasn't doing keystroke logging or any of the other strange shit.
I would not be surprised if any cell phone, even the dumb ones, could be remotely enabled to log keys and other private information at the drop of a hat with order from proper authority. I could see the big corporations and government interesting lying somewhere along the lines of "The technology is capable of it, why not include the feature for the sake of public "security"? Same goes for any of the cloud connected network devices, such as the Kindle. Remember, when you are in the cloud you are in another parties home, running on their network under their control. Do you trust them with your private information? You better read *all* of the fine print before agreeing to it and using their services. Even then, can you really *trust* them?? What can't they tell or reveal to you because their mouths are zipped with all of the blessings of the US government?
"Show me the source code, and let me rebuild it" is the only way to be sure. To be sure you, or someone else who you trust, need to be able to inspect it and reconstruct it to confirm that is does what you want it to do and does not do what you don't want it to do.
Such as in the case of using the GPL. This is why the GPL rules when it comes to privacy and controlling the technology you use. Proprietary solutions, such as found in today's smart phones, are very risky because you have no way of knowing the full extent of what harmful things they can actually do.
First off.. CIQ are not the bad guys here.
They make software. It does various things, and it can be used for good or evil.
The carriers are the ones who requested the software to be placed on the handsets. The handset makers are the ones who screwed up, specifically HTC who left debug mode enabled on a production handset. The Samsung handsets do not exhibit the same issues that were shown in the video that the HTC handsets show.
The whole FBI link, no one really knows for sure, what the deal is, other then they refused a FOIA. That could mean they utilize the data, or they are in fact investigating CIQ itself.
Honestly, for the purposes that CIQ claim the software is for, I have no real issue with it. However they built far more capability then was needed in the software, and that I do have a major issue with.
I came, I conquered, I coredumped
I read the CIQ pdf, and the part I was most impressed with was the service quality heatmaps. It would be great if the carriers made (or were required to make) this data available. This would make it much easier to evaluate a carrier in your actual area. Instead the carriers just release vague maps that show that nearly the entire US is green. Clearly they have the data.
Do you really trust this company that their software will indeed work as informed (sending ONLY if allowed, not logging user habits, etc)? After numerous times saying that their software is harmless to the users and each and everyday being proven wrong by security specialists I wouldn't trust it even with these settings turned off.
One thing that's bothered me about all this:
Google's street-view car inadvertently logs SSID broadcasts, which are transmitted in the clear. They 'fess up and get washed and hung out to dry. Threats from governments, demands that they turn over the data, investigations galore.
CarrierIQ sends your text messages and keypresses and location information (including your typed passwords) to various third parties including the FBI and carriers... and nothing. A handful of small entities are "seeking suit" against the company.
Where's the outrage? You'd think that CarrierIQ only affects geeks.
Defenders of Carrier IQ insist that they're not collecting keystrokes, capturing SMS messages, or relaying personal information to the FBI, and that they're just collecting information to improve the quality of the network. The argument is irrelevant. Clearly the software has the capability of performing all these functions even if it isn't currently being used that way, and if the capability is there, it can be abused by third parties. Its existence on a personal device on anything other than an opt-in basis is unacceptable.
I weep with envy. I'm hoping someone has an app for eradicating this Carrier "Room Temperature" IQ.
I've got the iPhone, how do I crib smother this Carrier IQ parasite?
Next time you drive across a bridge, toss it out the window.
Sheesh, evil *and* a jerk. -- Jade
Someone with a need to use Carrier "V.P.Chainey" IQ sure hates folks that disagree. Hate is not a Bestiality Value.
I don't think your comment is Flamebait, unless the Mod'er is racist against Nanobots?
Well, security researches have shown that on the iPhone it does in fact start up, check the user's option to have it enabled (which is off by default), then exit immediately if it is disabled.
With the fact that Apple is very open about how it gets turned on, leaves it disabled by default and even makes you accept a new privacy policy to enable it, and all of that has not been disputed by researchers, I will say "Yes, I can trust them"
Enjoy your spyware riddled Android device.
"Carriers don't have access to the contents of the [SMS] messages." Then how the hell do they get them to my phone in a human-readable format?
If it's a troubleshooting tool then it would benefit from remote activation. If it's a spy tool then it needs remote activation. Removing the software isn't the same as not having it (currently) running.
When it asks you if you want to send diagnostics. Say no.
If you were stupid enough to say yes in the past, you can change it in settings -> general -> about -> diagnostics.
Why buy an Android that's not supported by CyanogenMod?
And by spyware riddled you mean perfectly clean, I suppose. Small typo.
I think of microsoft word's various formats when I hear that phrase, personally.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
This seems to be the point everyone is missing in all this. The carrier doesn't need spyware to spy on you, THEY ALREADY SEE ALL YOUR STUFF IN PLAIN TEXT. It's not like ATT needs a warrant to open up their own network and take a look around. Nor does verizon need federal permission to log, through their data proxy, every address you ever visit, for how long and using what protocols. In point of fact, current federal law requires these companies to store this information, for a very long time.
What exactly do people think CIQ can tell the carrier that they don't already know? The pathetic answer is, real world network performance diagnostic data. Which is just about the ONLY thing the carrier doesn't already know about your handset.
Step 1: Buy a Nexus phone.
There is no step two.
FTFY.
There's nothing to turn off on my Android... CarrierIQ isn't even installed... wasn't installed from the beginning. So.. who has the spyware riddle device now? The iPhone which actually has the software installed, or the Android where it isn't? Hmmmmm
Actually its easier than this.
Step 1: Buy an Android Phone
Don't buy it from a carrier and it doesn't have this crud installed.
The data is there all right. Here are a couple of maps from Finland - I don't actually know how they gather this data, but it's really thorough: http://www.elisa.fi/kuuluvuus/index.php / http://www.dna.fi/yksityisille/puhe/Kuuluvuus/kuuluvuuskartta/Sivut/Default.aspx
I think that the maps need to be this precise because a lot of people have second homes or cottages somewhere outside the cities, and naturally one would like to use the same operator everywhere.
I've got the iPhone, how do I crib smother this Carrier IQ parasite?
Open Settings, go to General, then About, then Diagnostics & Usage
See where it reads "Help Apple improve its products and services by automatically sending daily diagnostic and usage data, including location information." ?
It will have "Don't Send" with a check mark. Simply never click "Automatically Send", as that option will enable CarrierIQ.
There is also a button below to display the raw data it will send, and the word "Never" which is presumably the time it last sent data out.
If you've upgraded to iOS5, this screen will be missing because they removed the software already.
Most easy example: keystrokes.
Data, e.g., passwords, sent over https encrypted connections aren't visible by the carrier.
Yet, if the carrier logs keystrokes, they get to see them. A malicious third party could hijack the data as well.
Got it?
no, they have much of the diagnostic data the handset could possibly provide, apart from your exact gps verified location.
what they don't have certain know about without spying on your handset is stuff like if you're running vpn and tethering. why does it matter? because at&t & etc want you to pay more for your bytes depending on where you move them from.
(actually they would need permission to go through those logs just for fun, even if it's required for them to store the data it's not like they can take a peek, wiretapping is still wiretapping - even if a shitload of wanabe admins don't want to admit to it, since it makes it harder for them to diagnose who's torrenting. well shit luck, it's still wiretapping and illegal in the western hemisphere)
also as in regards to sms storing. "special software required to read them" probably means that it's bullshit talk for encrypted, still, it takes space on the device as as noted is totally unnecessary since they already have all the texts. BUT.. this gives access to a different department, ie. the wackos who ordered the customizations and marked the checkboxes when ordering their ciq version. that's the handset customization dweebs.
world was created 5 seconds before this post as it is.
How am I supposed to throw a bridge out the window? A bridge I'm driving on, no less!
it's really rather easy to gather. slap some sw on a phone and start driving around.
slap a logger box on your access point installers van and that's another way. no need to go spying on everyone.
SO.. ciq is not needed for this at all.
world was created 5 seconds before this post as it is.
You are right about https. However in the original post says: "under some limited circumstances its software will log the contents of SMS messages sent to a user's phone, but that that the contents of those messages would not be human readable. Instead, they would be in an encoded form that could not be decoded without special software and the carriers don't have access to the contents of the messages either." which is totally false. Carriers has access to content of SMS as they are delivered in polain text through their network. So this citation shows that Carrier IQ has no clue how GSM network work or they have something more to hide and do those silly attempts to calm down people with lies.
Our client Trevor Eckhart (whose research set off the present firestorm) and his subsequent collaborator Ashkan Soltani have shown that on some phones, dialer keypresses and SMS text are being written to system logs by layer 4 code.
It doesn't matter the intent of the developers of the software. If it exposes private information by logging plain text information to a place where an application can access it, it is bad. Trevor Eckhart exposed a VERY dangerous effect of a software exposing private information. The developers should fix their shit and shut the fuck up.
Finally, there is an additional configuration file (called a "Profile") that controls the behavior of layer 2 and determines what information is actually sent from the phone to a carrier or other Carrier IQ client.
If the user does not have access, or even know there is access, to controlling the "Profile" it is spyware. If it can not be disabled or removed without rooting the phone it is a rootkit.
Having to work for a living is the root of all evil.
if the TLAs want data, let them get a search warrant.
if this is supposed to be a new economy, how come they still want my old fashioned money?
http://www.rcfp.org/can-we-tape
So with wire tapping laws, some states require all parties involved to give concent to the recording. These are 2 party states. All other states are 1 party states, which means only one person involved in the recording has to give concent.
Now if they are recording incoming information within a 2 party state, the sender of the SMS message has to give concent that the message can be recorded. This is reguardless of the contract of the owner of the phone has. Ultimately, anyone who has ever sent a message to one of these phones in a 2 party state could possible sue.
Unless you just really like its pre-installed single-player game, I think there's a Step 2 where you have to connect it to the telecom network.
Information theory is life. The rest is just the KL divergence.
Regardless of how many steps you take to connect the phone, it will still not be running CIQ.
Ah, so you must be the proverbial troll living under the bridge.
Sorry, you can't have my phone.
But we can't be sure? What the hell does that mean for giant programs like Windows? Or programs that you wouldn't suspect like video drivers (a two company duopoly), msn, IE, Router Firmware?, Microsoft Word, Firefox, Linux, etc.?
And what are our inklings of the penalties here? Can we penalize this company for doing something ferociousness when they were just following the orders of the FBI to "include a little code", or a court order not to discuss their involvement with law enforcement?
When programs send "random data" to fill packets we'll never know....
Perhaps a small country will speak out against this and all the genius tinfoil hats will move there and build paradise.
I pray for this every day.
Very good point. You can count on it. And the replacement is most likely not so easy to detect or understand. Perhaps they can switch it on or off and collect the data as a pool at opportune times when it may not be so easily noticed. As long as they have the source code and you don't, there is no way for you to understand how the device works, for or against your wishes. If you are not permitted to rebuild it, then you will never understand how it truly works. ...I guess the poor unwary consumer will just have to *trust* them as money flows aggressively from their shallow wallet to the deep corporate coffers. heh heh.