News regarding Carrier IQ, a third-party service loaded on certain smartphones that's capable of tracking users and even recording keystrokes, has been spreading rapidly in the past few days, though the original discovery happened back in March. The world is still learning more about what the service specifically does, but the latest news is that references to Carrier IQ were found in Apple's iOS, the operating system used by the iPhone and iPad. Here's what you need to know.
Carrier IQ is a little bit of software installed on the kernel level (meaning, way deep down where users can't really get to it) on many of the most popular smartphones in the country. It's a data collecting tool, essentially, getting to-the-minute information on, as Carrier IQ says, dropped calls, signal strength, battery issues, that kind of thing. The software, it seems, is applied by the wireless carrier (like Sprint or AT&T) rather than the device manufacturers--recent comments from HTC and RIM (makers of BlackBerry) suggest that the manufacturers have nothing to do with this software and even, in the case of RIM, do not approve of it. The software is installed without the user's permission before the phone is bought, and the user is not made aware of its existence.
We all know our phones are being tracked, in all kinds of ways and by all kinds of people. Sometimes it's for diagnostic purposes, like what Carrier IQ claims they're doing. Sometimes it's for advertisers. Sometimes it's unclear. But what's alarming about Carrier IQ is two things: its power and its lack of transparency.
Carrier IQ claims that their software does not monitor keystrokes--basically, everything you tap into your phone. That would include passwords, browsing history, personal correspondence, text messages, everything. Trevor Eckhart, an XDA developer (XDA is one of the largest online forums for developers working with Android and other platforms) from Connecticut, is the man responsible for discovering Carrier IQ, and in this video, he pretty clearly proves that the software does indeed have the ability to--and does--log your keystrokes. Even worse, it secures a connection to send these logs back to Carrier IQ even if your phone is in airplane mode, which is designed to turn off all wireless connections.
Eckhart posted several videos about Carrier IQ, calling it a "rootkit," a name for software surreptitiously installed on devices that monitors their use without making their presence known. Carrier IQ responded with a cease-and-desist letter (and a damned aggressive one at that--you can read it here (PDF)), though they relented, apologized, and retracted the letter once the Electronic Frontier Foundation came through and defended Eckhart.
The name "rootkit" is not inaccurate; it was only by chance that Eckhart stumbled on the service, which nobody in the press was aware of before he posted his video. It's basically impossible to remove, even for an experienced developer like Eckhart.
Gizmodo has a live updating list of the phones and tablets that are safe, inasmuch as somebody has claimed they are safe. Not to say we don't believe, say, Verizon when they tell us they have never used Carrier IQ, but we are obliged to report that Verizon is the only source telling us facts about Verizon, which makes us sort of reluctant to report them as unassailable facts. Non-Nexus Android phones seem to be at the most risk; Eckhart's original discovery was on an HTC phone running Android, and phones from manufacturers like Samsung have also been found to be using Carrier IQ.
Devices running iOS, like the iPhone and iPad, well, that's a little bit different. An apparently "well-known" iPhone hacker going by the name Chpwn has found references to Carrier IQ deep within the iPhone's internal files. That was verified by The Verge, so we can pretty safely say that Apple does use Carrier IQ. However, it's a very limited form: unlike the Android version Eckhart found, the iPhone version is actually turned off by default, collecting and sending no data at all. As it turns out, it's only in action when an iPhone is in diagnostic mode, which would only be used when a user or repair person is doing some serious work on the phone. Even then, it only seems to record limited information like call quality and broad location, and doesn't track keystrokes at all. So iPhone users are, on the whole, safe from whatever Carrier IQ is doing.
Other platforms are less clear. Carrier IQ seems more dependent on carrier than platform, so even though RIM says it does not use Carrier IQ on its BlackBerrys, that doesn't mean your AT&T or Sprint BlackBerry is Carrier-IQ-free. Microsoft also says its Windows Phones do not come with the software; it's not clear if Windows Phones can have Carrier IQ applied or not.
Eckhart, that inexhaustible developer, created a little program that'll detect if Carrier IQ is installed on your phone. You can download it here. But to fully rid yourself of the rootkit, well, that's not easy. You'll have to root your phone, which (while having some nice benefits of its own, especially for Android users) may violate your terms of service and make your relationship with your wireless carrier a little dicey in terms of future servicing.
Probably not, but that doesn't mean what Carrier IQ, the wireless carriers, and cellphone manufacturers are doing is at all okay. Something like keystroke logging is so sensitive that any service that does it should be glaringly obvious, and, most importantly, turned off by default. Users should always know when what they type isn't private. That being said, despite Carrier IQ's lousy reaction to this whole thing (note to all electronics companies: do not sue hackers), we really don't know what Carrier IQ was being used for, only what it's capable of. It could certainly have been used to track strength of signal related to location, which, fine! That could be helpful! But its lack of transparency and its ability to do some very, very nasty things means that somebody owes some smartphone owners an apology--and a rethinking of privacy policies.