Loading 3 Votes - +

Carrier IQ Saga Continues

About a month ago, hacker Trevor Eckhart began exploring Android smartphone security and came across a piece of embedded software from CarrierIQ. He more or less reverse engineered components of it in conjunction with documents obtained from their website about its features and determined that for all intents and purposes, it was a rootkit.1 This created a huge buzz about the prevalence of the software as it is installed on virtually every smartphone from Android to iPhone with varying degrees of logging performed. Now, the point of the software was to permit telecommunications carriers to monitor performance of handsets on their networks to provide better service. The question really begged … how does logging my keystrokes, recording my text messages, provide remote access, etc help the network? At first, the company tried to censor the researcher for revealing the extent to which their software monitored phone owners. After the EFF stepped in to protect him, CarrierIQ instead came forward with a 19 page pdf response on their software even specifically addressing a recent FOIA request to the FBI for it’s use of CarrierIQ data. The FBI, rather than deny they utilized CarrierIQ’s information simply refuses to release records about it. Despite CarrierIQ’s continued denial the software does things like log keystrokes, Trevor Eckhart demonstrates that it does exactly that in his Carrier IQ Part #2 analysis (which is also presented on the YouTube video above for those not interested in reading).

1 For more information on the fundamentals of rootkits, read r00tkit Analaysis: What is a Rootkit? here on OmniNerd.

Similarly tagged OmniNerd content:

Information This article was edited after publication by the author on 14 Dec 2011. View changes.

Share & Socialize

What is OmniNerd?

Omninerd_icon Welcome! OmniNerd's content is generated by nerds like you. Learn more.

Voting Booth

Can Trump make America great again?

14 votes, 1 comment