Linked by Thom Holwerda on Thu 1st Dec 2011 22:29 UTC
Privacy, Security, Encryption So, this has been causing a bit of a major dungstorm - and rightly so. As it turns out, many carriers are installing a piece of non-removable privacy-invading spyware on their smartphones called CarrierIQ. It doesn't matter whether you have a webOS, Android, BlackBerry or iOS device - carriers install it on all of them. Luckily though, it would appear it really depends on your carrier - smartphones in The Netherlands, for instance, are not infested with CarrierIQ. Update: As John Gruber rightfully points out, ever so verbosely, the headline here isn't particularly well-chosen. The article makes all this clear, but the headline doesn't. It's my birthday today, so my head wasn't totally in it - my apologies! Update II: Just got a statement from an HP spokesperson: "HP does not install nor authorize its partners to embed Carrier IQ on its webOS devices."
Thread beginning with comment 498595
To read all comments associated with this story, please click here.
Comment by MOS6510
by MOS6510 on Thu 1st Dec 2011 14:56 UTC
MOS6510
Member since:
2011-05-12

I defense of iOS, this "feature" is turned off by default and it does exactly what the included description says should you want to turn it on. So this his hardly spooky or nasty.

What some providers have installed can't be turned off and does a whole lot more logging 'n' reporting than iOS does.

Reply Score: 5

RE: Comment by MOS6510
by leos on Thu 1st Dec 2011 15:05 in reply to "Comment by MOS6510"
leos Member since:
2005-09-21

I defense of iOS, this "feature" is turned off by default and it does exactly what the included description says should you want to turn it on. So this his hardly spooky or nasty.

What some providers have installed can't be turned off and does a whole lot more logging 'n' reporting than iOS does.


How was this not mentioned in the article? Thom takes extra time to poke at iOS, and yet it isn't even remotely the same. By far the biggest privacy violation with CarrierIQ is that it monitors your text input, which doesn't happen on iOS.

Lumping a user opt-in feature that logs only general usage data with a real rootkit that logs everything is pretty ridiculous.

Only thing on that list that might concern people is location, but every carrier will know that anyway. Don't expect to move in anonymity if you're carrying a cell phone.

As for Android, another reason never to buy anything but Google devices.

Reply Parent Score: 1

RE[2]: Comment by MOS6510
by Thom_Holwerda on Thu 1st Dec 2011 16:26 in reply to "RE: Comment by MOS6510"
Thom_Holwerda Member since:
2005-06-29

How was this not mentioned in the article?


Probably because it IS mentioned in the article. Several times, in fact.

Did you even read it?

Reply Parent Score: 2

RE[2]: Comment by MOS6510
by MOS6510 on Thu 1st Dec 2011 19:54 in reply to "RE: Comment by MOS6510"
MOS6510 Member since:
2011-05-12

Like Thom said, it is mentioned.

However he does describe it as a root kit, that present on Android *AND* iOS, while I'd hardly call it a root kit on iOS. It's in plan sight and does what it says it does, you can turn it off which is the default.

Apparently the Android version can't be turned off by any normal means ordinary people would be able to do.

While I consider this a big bad thing, I don't think Android has any blame, apart from that it's open nature makes it easy to embed this kind of stuff.

Reply Parent Score: 2

RE: Comment by MOS6510
by NathanHill on Thu 1st Dec 2011 17:48 in reply to "Comment by MOS6510"
NathanHill Member since:
2006-10-06

As an iOS user, I'm certainly glad that it wasn't nearly as serious a (potential) threat as on some Android devices, but it still makes me nervous.

I think taking anonymous logs and statistics is probably helpful to companies who are genuinely looking to improve their services - the thing is, I haven't noticed tons of improvement from AT&T's coverage. Maybe if these companies are collecting this kind of data, it would be helpful if they released some kind of report of how it was helping them provide better services to their customers? A little bit of transparency, maybe?

Reply Parent Score: 2

RE[2]: Comment by MOS6510
by MOS6510 on Thu 1st Dec 2011 19:49 in reply to "RE: Comment by MOS6510"
MOS6510 Member since:
2011-05-12

It would be nice if you could see on a map how well their coverage is and if/when they are going to improve it if needed.

A few months ago I didn't have 3G when waiting at my son's school, but now I do. So things secretly do change, but it would be nice to know and even nicer if we could help (via auto diagnostics) and see what happens with this data.

Reply Parent Score: 2

RE: Comment by MOS6510
by Soulbender on Sat 3rd Dec 2011 04:25 in reply to "Comment by MOS6510"
Soulbender Member since:
2005-08-18

In defense of iOS, this "feature" is turned off by default and it does exactly what the included description says should you want to turn it on


Except that a) the carrier can turn it on before they ship your device and b) most people don't know it exists.
In a way, it's actually worse than android since at least then the carrier has to go through the work of installing it while with iOS all they need to to do is turn it on.

Reply Parent Score: 2

RE[2]: Comment by MOS6510
by MOS6510 on Sat 3rd Dec 2011 04:46 in reply to "RE: Comment by MOS6510"
MOS6510 Member since:
2011-05-12

How can it be worse if it doesn't log 'n' report keystrokes, CAN be turned off?

Besides I haven't read carriers turning it on before handing out iPhones. Apparently the iOS welcome routine asks the user if they want to turn diagnostics on.

No way Apple would ever allow anyone, carriers or other companies, to change anything on their products without them doing it for them (and even then they probably wouldn't).

Reply Parent Score: 1