Carrier IQ releases lengthy explanation of data collection practices

Carrieriq-logo

Do you have some time to kill today? How about you read a 19-page document from Carrier IQ and report back to the class what you found out.

In all seriousness, earlier this morning Carrier IQ released a lengthy document detailing exactly it’s doing with the data that is collected by its software. Most of this has been previously discussed, but as others have pointed out, there are two new bits of info that some people might find interesting:

  1. Remember Trevor Eckhart’s videos that got him into so much  trouble? Carrier IQ says that these are “debug messages from pre-production handset manufacturer software.” While Carrier IQ does admit that these logs are being generated on phones sold right now, Carrier IQ says it’s working with phone manufacturers to turn this process off once phones are activated.
  2. Carrier IQ says that under “unique circumstances” its software can in fact record SMS messages. This includes when “a user receives an SMS during a call, or during a simultaneous data session” although Carrier IQ claims that the texts are encrypted and unintelligible. It is currently, again, working with phone manufacturers to fix this bug.

So, the question remains: do you buy it?

[Carrier IQ via Gizmodo] [updated link]
Pocketables does not accept targeted advertising, phony guest posts, paid reviews, etc. Help us keep this way with support on Patreon!
become a patron button - for some reason we don't have an alt tag here

John F

John was the editor-in-chief at Pocketables. His articles generally focus on all things Google, including Chrome and Android, although his love of new gadgets and technology doesn't stop there. His current arsenal includes the Nexus 6 by Motorola, the 2013 Nexus 7 by ASUS, the Nexus 9 by HTC, the LG G Watch, and the Chromebook Pixel, among others.

Avatar of John F

22 thoughts on “Carrier IQ releases lengthy explanation of data collection practices

  • Avatar of Nurdyboy
    December 13, 2011 at 6:30 am
    Permalink

    Hell no i dont. Its when carriers and handset makers need to admit to there mess up and make things right. Just a another resin for ROOTING are EVO’S. Hell we pay for it why cant I do what I want with it. ” So we can monitor your every move and take away your privacy” thats why. To hell with that. And to that I say BULL SHHHHHHH!!!!

    Reply
  • Avatar of Fabian S
    December 13, 2011 at 6:56 am
    Permalink

    No matter how they explain it they are still at fault. They sold software to companies with such severe “bugs” that record very intimate, important, and private data. They say its “encrypted” but I think if people as smart as Treve are able to hack the software then anyone serious about hacking our data can do it with ease. Carrier IQ needs to realize their faults, man-up, and shut down. Sorry to say but there is no need for them to have our keystrokes, sms, and recorded calls.

    Reply
  • Avatar of Drew
    December 13, 2011 at 7:59 am
    Permalink

    Again, Carrier IQ is a software company. Although they’re not completely innocent in all this, its important to note that they didn’t force their software onto our phones, it was the carriers who bought the software and implanted it in our phones. So it is our carriers, Sprint, AT&T etc. who should be held accountable.

    Reply
  • Avatar of Tony
    December 13, 2011 at 8:49 am
    Permalink

    But at the same time, thats like someone producing drugs and selling them. Ultimately the end user and producer are both accountable. They know the capabilities of their product and sell it to the carriers, placing them both at fault IMHO. I don’t buy that the carriers are the ones that activate the logging capabilities like they have claimed.

    Reply
  • Avatar of BMan
    December 13, 2011 at 9:40 am
    Permalink

    I don’t trust any of it . There’s just too much back and forth. Every time someone else gets involved they are constantly retracting previous statements or adding statements that state”well, maybe you guys were right, but it’s not exactly what it looks like “. Watch this statement will change again next week.

    Reply
  • Avatar of Kaerie Peterson
    December 13, 2011 at 9:47 am
    Permalink

    Do.Not.Want. I was happy with my stock, un-rooted EVO — very happy. But I’m not going to put up with this. I rooted the day TrevE’s video came out and don’t imagine I’ll ever go back to a stock phone. No more launch day phones for me. I’ll wait until root is available before ever getting another phone.

    Reply
  • Avatar of Fabian S
    December 13, 2011 at 10:15 am
    Permalink

    Like Tony said, both are accountable. I mean Carrier IQ developed a software that was capable of acquiring data without the user knowing and the carriers accepted that as well. Both need to realize their faults and carrier IQ just needs to give up trying to save face.

    Reply
  • Avatar of Ryan
    December 13, 2011 at 11:10 am
    Permalink

    Hopefully soon I dont have to buy it, I wont care. I will get a Nexus and be done with that crap.

    Reply
  • Avatar of Dro3d
    December 13, 2011 at 11:16 am
    Permalink

    Don’t buy it for a second. Hopefully legal action will get the software removed as a whole.

    Reply
  • Avatar of biker1
    December 13, 2011 at 12:27 pm
    Permalink

    Those violins are getting louder and louder.
    I’ll let Congress grill these Bastards, along with Sprint and HTC, and see how it turns out.
    Those pink slips will be a’fly’n!
    There’ll be more Rats at these Hearings, than in a Lab.

    Reply
  • Avatar of Ex EVO
    December 13, 2011 at 12:44 pm
    Permalink

    I’m not too worried that carriers would collect keystroke information, text messages, and stuff like that on a large scale for their own purposes even if they use software that has the ability to do so. It would be costly to store that much information and what would the carriers do with it? Rather, the ability to collect privacy sensitive information has typically been forced on the carriers by legislation such as CALEA and driven by law enforcement and intelligence agencies. While carriers may be interested in debugging connection problems, large scale spying on customers is not in their economic interest.

    Even without Carrier IQ, the carriers already have the ability to do a lot of stuff that may seem questionable from a privacy standpoint. For instance, they can figure out where you are if your cellphone is on by doing cell tower pings or reading the phone’s GPS. (They are required to have that capability by the FCC’s Enhanced 9-1-1 rules.) Moreover, when you make a call, they will store the call detail records that will show the time and duration of the call, who you talked to, and approximately where you were during the call (based on the cell tower information). Sprint has a gigantic database with this information going back several years that is primarily used for forensic purposes. When a law enforcement agency is interested in a suspect’s whereabouts and cellphone activity during some past time period, it will obtain a court order and present it to Sprint. Sprint will look up the information in its database and hand it over. And, of course, the NSA is supposed to have an even larger database with CDRs from all the major carriers.

    Reply
  • Avatar of weirdia
    December 13, 2011 at 2:10 pm
    Permalink

    Your phone and carrier generate and collect records of all your calls and text messages, they always have. Go ahead and worry about it.

    Reply
  • Avatar of weirdia
    December 13, 2011 at 2:14 pm
    Permalink

    I’m sure that goes for data traffic as well, and not just how much but what & where.

    Reply
  • Avatar of Ernie
    December 13, 2011 at 2:47 pm
    Permalink

    Time to buy a throw away

    Reply
  • Avatar of Steve Gaudreau
    December 13, 2011 at 4:11 pm
    Permalink

    Yeah Rrrriiiiigggghhht!!

    Reply
  • Avatar of Patrick
    December 14, 2011 at 4:12 am
    Permalink

    Just wondering what all you people are doing on your phones that have you so worried about this.

    I understand the privacy thing, but neither sprint, ciq, or HTC has enough man power to really look through your recorded data.

    If you guys are really worried about his, take a look at the operating system you use right now on your home computers, the web browsers that remember where you have visited, the event logs and so on and so forth.

    I believe this software was created with honest positive intentions, but is more of a security hole rather than anything else. The only other thing is not being able to opt out or even be notified of it’s functions.

    Reply
  • Avatar of Patrick
    December 14, 2011 at 4:54 am
    Permalink

    Holy crap!

    http://www.dailytech.com/article.aspx?newsid=23511

    Trevor works for competing tracking firm.

    “The interesting thing is that if Carrier IQ gets the boot or gets sued out of existence, it will create a vacuum in terms of telemetry gathering in the consumer space. As a company already deeply invested in tracking and telemetry solutions, that’s just the kind of thing that could allow Intergis to get its talons on the consumer market.”

    Reply
  • Avatar of Dro3d
    December 14, 2011 at 1:12 pm
    Permalink

    We all sell crack and murder people. It’s not about being paranoid its about the right to privacy. Also I know that I don’t need my passwords and credit card information being logged by any company.

    Reply
  • Avatar of biker1
    December 14, 2011 at 3:29 pm
    Permalink

    Shhhhhh……..
    That was a ‘secret.’

    Reply
  • Avatar of D
    December 16, 2011 at 9:34 am
    Permalink

    Maybe you should actually look up facts. The company he works for routes TRUCK DRIVERS. It does not appear to be anything to do with metric gathering or telemetry. Real Time GPS and workorder management for corporate workers – YES. Gathering data about networks/devices – NO.

    Reply

Leave a Reply

Your email address will not be published.