[olug] [OT]: Researcher’s Video Shows Secret Software on Millions of Phones Logging Everything

SndChaser sndchaser at cerebralrift.org
Fri Dec 2 14:37:51 UTC 2011 

Kevin,

Read the articles on the XDA Dev site:

http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/
http://www.xda-developers.com/android/more-on-carrier-iq/

One of the things to understand is that CIQ is integrated into the 
*core* of the Android OS.  Any module(s) like the interface shown in the 
video are not required for CIQ.  IMO - the best way to be certain that 
it is not there would be to watch the messages over the USB bus using 
debug as Trevor does in his video.

George

On Thu, 1 Dec 2011 19:23:31 -0600, Kevin wrote:
> It isn't on my unrooted Droid Incredible(v1). He says go to
> applications and scroll down to Carrier IQ, but I don't have that on
> my list. It could be that a rootkit is hiding it, but a search 
> through
> my entire filesystem for ciq, carrier iq, or carrieriq using a third
> party tool(Astro File Manager) found no instances of any of the 
> three.
> I'm not sure it's on here, and therefore I'm not sure that the OP 
> from
> Wired is to be trusted. When you make incredible accusations, you
> better be able to back them up.
>
> On Wed, Nov 30, 2011 at 19:05, DYNATRON tech <dynatron at gmail.com> 
> wrote:
>> it wasn't on my droidx (verizon).
>>
>> On Nov 30, 2011 6:59 PM, "Dave Rowe" <dave at roweware.com> wrote:
>>>
>>>
>>> Hopefully Verizon reads these keystrokes.
>>>
>>> -Dave
>>
>> hopefully?
>>
>>> On Nov 30, 2011 6:47 PM, "DYNATRON tech" <dynatron at gmail.com> 
>>> wrote:
>>>
>>> > 
>>> http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110
>>> >
>>> > (page for tool)
>>> > On Nov 30, 2011 6:41 PM, "DYNATRON tech" <dynatron at gmail.com> 
>>> wrote:
>>> >
>>> > > well, i feel violated.
>>> > > i use ssh on my phone to access several servers...carrierIQ has 
>>> my
>> login
>>> > > credentials now.
>>> > >
>>> > > a keylogger falls under wiretap laws IMO
>>> > >
>>> > > androidsecuritytest.com seems to be the place to check out.
>>> > > On Nov 30, 2011 6:35 PM, "Christopher Cashell" 
>>> <topher-olug at zyp.org>
>>> > > wrote:
>>> > >
>>> > >> On Wed, Nov 30, 2011 at 6:07 PM, Dan Linder <dan at linder.org> 
>>> wrote:
>>> > >> > From what I understand, the "Carrier IQ" tool is the 
>>> electronic
>>> > >> > version of the Verizion guy who says "Can you hear me now?" 
>>>  Each
>> time
>>> > >> > your phone drops a call, gets a high rate of errors, etc, 
>>> this tool
>>> > >> > logs that information and will upload it to the carrier as 
>>> an
>>> > >> > additional datapoint for their coverage team to use.
>>> > >>
>>> > >> That was my original thought, and how I pretty much wrote off 
>>> the
>>> > >> concerns, too.  Now, I'm not so sure.  Capturing the full 
>>> content of
>>> > >> text messages, and web browser searches (performed with HTTPS, 
>>> over
>>> > >> wifi, with all other radios disabled) by a third-party 
>>> application
>>> > >> goes way beyond what I'd consider reasonable technical or 
>>> service
>>> > >> quality data.  The fact that someone has verified that it is
>> capturing
>>> > >> this information, along with a lot more, is very 
>>> disconcerting.
>>> > >>
>>> > >> > The conspiracy theory side of me says "Yeah, but what else?" 
>>> and it
>>> > >> > may be true.  Sadly we might never know unless it was made 
>>> FOSS.
>>> > >>
>>> > >> Not sure if you read the full article or watched the video, 
>>> but Mr.
>>> > >> Trevor Eckhart has done a pretty thorough analysis of the 
>>> software's
>>> > >> activity, showing an extent that seems to be very suspicious 
>>> at best,
>>> > >> and very scary at worst.  If it's logging (and potentially 
>>> sending) a
>>> > >> google search query performed over HTTPS, is it also logging 
>>> (and
>>> > >> potentially sending) credit card numbers and other personal
>>> > >> information to them?
>>> > >>
>>> > >> At the very least, this needs further investigation, and 
>>> should have
>>> > >> an option for disabling (and removing) it.
>>> > >>
>>> > >> > Dan
>>> > >>
>>> > >> --
>>> > >> Christopher
>>> > >> _______________________________________________
>>> > >> OLUG mailing list
>>> > >> OLUG at olug.org
>>> > >> https://lists.olug.org/mailman/listinfo/olug
>>> > >>
>>> > >
>>> > _______________________________________________
>>> > OLUG mailing list
>>> > OLUG at olug.org
>>> > https://lists.olug.org/mailman/listinfo/olug
>>> >
>>> _______________________________________________
>>> OLUG mailing list
>>> OLUG at olug.org
>>> https://lists.olug.org/mailman/listinfo/olug
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug

-- 
We need to heed the words of the Dalai Lama,
Or at least, the words of your mama.

More information about the OLUG mailing list