Hardware 2

advertisement
Hardware 2.0
So, there's a rootkit hidden in millions of
cellphones
By Adrian Kingsley-Hughes | December 1, 2011, 6:20am PST
Summary: Rootkit found in Android, Symbian, BlackBerry, webOS and even iOS
handsets … but not Windows Phone handsets.
[UPDATE: According to a statement from Apple, the company stopped supporting
Carrier IQ with iOS 5.0.]
iPhone owners: Here’s how to disable the collection of diagnostic information on your
handset.
So, it seems that there is a rootkit hidden in millions of Android, Symbian, BlackBerry,
webOS and even iOS handset that logs everything we do.
WHAT?!?!?!
[UPDATE: According to Nokia, 'CarrierIQ does not ship products for any Nokia
devices.']
The rootkit belongs to a company called Carrier IQ and it seems that it has low-level
access to the system that allows it to spy on pretty much everything that you do with your
handset. This, on the face of it, seems like an extremely serious breach of security,
privacy and trust.
The capabilities of the rootkit were first discovered by 25-year-old Trevor Eckhart.
Here’s a video showing how everything, including text messages and encrypted web
searches, are being logged. It’s truly horrifying.
NOTE: At this point there is no evidence to suggest that keystroke data is being
transmitted from the handset.
According to Carrier IQ the company is ‘not recording keystrokes or providing tracking
tools.’ The video above seems to suggest otherwise.
When Eckhart initially labeled the software as a rootkit, Carrier IQ threatened him with
legal action. Only when the Electronic Frontier Foundation stepped in did the
company back off from this threat.
“Every button you press in the dialer before you call,” Eckhart says on the video, “it
already gets sent off to the IQ application.”
Like I said earlier, there’s a version of Carrier IQ on Apple’s iOS, but it doesn’t seem to
be quite the same and doesn’t seem to access as much information. Also, if you want to
disable Carrier IQ on your iOS 5 device, turning off Diagnostics and Usage under
Settings seems to be enough.
You might have noticed that I didn’t list Windows Phone 7 OS earlier. That’s because it
seems that Windows Phone handsets don’t have Carrier IQ installed.
Here’s a video that explains some more about Carrier IQ. This video also contains a clip
from a video by Carrier IQ’s vice president of marketing explaining how the company
sees this as being completely legal.
There are a LOT of unanswered questions. I’m expecting an avalanche of press releases
from a lot of carriers and handset makers over the next few days.
Here’s a video by Carrier IQ CEO Larry Lenhart describing the benefits of their
technology. According to Lenhart, Carrier IQ doesn’t record keystrokes and doesn’t
provide tracking tools:
[UPDATE: Some carriers and makers are already coming out with details.]
Poll
Carrier IQ ... do you want it removed from your handset?
Yes
No
Undecided
VoteView Results
Poll
Do you believe that you opted-in or consented to Carrier IQ logging?
Yes
No
VoteView Results
What are your thoughts on this?
Related:





So, there’s a rootkit hidden in millions of cellphones
How to disable the Carrier IQ ‘rootkit’ on your iPhone
CarrierIQ: Follow the money and it is the carriers behind it
Finding and cleaning out your smartphone’s Carrier IQ poison
Senator demands answers over Carrier IQ mobile phone tracking
Download