Phantom Maelstrom Blog is no longer active. The new address is at

Saturday, December 3, 2011

Your Smartphone may be spying on you

It's cool to have a smartphone, but did you know your smartphone had been spying on you? According to a tech news, an Android developer recently discovered a clandestine application called Carrier IQ built into most smartphones that doesn't just track your location, but it also secretly records your keystrokes (kinda like keylogger), and there's nothin you can do about it.

The reason for this invasive Android app seems reasonable enough at face value. Even though it's on most Android, BlackBerry, and Nokia devices, most users would never know that Carrier IQ is running in the background, and that's sort of the point. As described on the company's website, it is a software that gains them "unprecedented insight into their customers' mobile experience," Carrier IQ is ostensibly supposed to help mobile carriers and device manufacturers gather data in order to improve their products.

Tons of applications actually do this, and you're probably used to those boxes that pops up on your screen and ask if you want to help the company by sending your data back to them. If you're concerned about your privacy though, you can just tap no and go about your merry computing way. As a security-conscious Android developer, Trevor Eckhart realized, however, that Carrier IQ does not give you this option, and unless you were code-savvy and looking for it, you'd never know it was there. And based on how aggressive the company has been in trying to keep Eckhart quiet about his discovery, it seems like Carrier IQ doesn't want you to know it's there either.

Eckhart first raised a red flag about Carrier IQ about two weeks ago when he started investigating reports that a software update on the HTC EVO 3D included "user behavior logging" code. The code had worried some geek bloggers when it showed up a couple months ago, but HTC and Sprint insisted that it wasn't much different than normal error-logging software and certainly didn't gather granular data like "contents of messages, photos, videos, etc." Eckhart wrote an exhaustive blog post about his startling findings - Carrier IQ collected lots of data, including keystrokes, and there is no way for the user, without advance knowledge, to opt out - and Carrier IQ flipped out. The company sent Eckhart a cease-and-desist letter demanding that he keep his mouth shut and threatening legal actions. But after the Electronic Frontier Foundation (EFF) took a look at the case and determined that Eckhart was working within his First Amendment rights, it backed off but still denied that they recorded keystrokes.

This week, Eckhart fired back with a 17-minute long video showing in painstaking detail how much data CarrierIQ collects, effectively undercutting the company's denial. It was even logging contents of text messages! Wired posted the video on Tuesday night and cemented its status "as one of nine reasons to wear a tinfoil hat." The magazine explains how CarrierIQ even undercuts other companies' security measures:
The video shows the software logging Eckhart's online search of "hello world." That's despite Eckhart using the HTTPS version of Google which is supposed to hide searches from those who would want to spy by intercepting the traffic between a user and Google. ... It's not even clear what privacy policy covers this. Is it Carrier IQ's, your carrier's or your phone manufacturer's? And, perhaps, most important, is sending your communications to Carrier IQ a violation of the federal government's ban on wiretapping?
CarrierIQ and the carriers have yet to respond to the latest claims, and if past smartphone tracking scandals are any precedent, they could end up answering to Congress.

Like many things in life, there are a couple of different ways to think about smartphone tracking. One way approaches privacy from a forward-thinking, technology-trusting and even progressive perspective. GPS-equipped smartphones are incredibly powerful tools that enables mankind to do all kinds of amazing things, thanks to the perpetual stream of data from the Internet. However, that stream runs both ways, and sometimes, the folks that build and maintain the network sometimes need to monitor your data in order to improve the technology.

But tracking can also be creepy. In an Orwellian kind of way, it makes people nervous. It can make people go paranoid, probably thinking the government or the corporations or the system is closing in on them and stealing their freedom. Of course, not everybody feels so strongly about privacy, but as long as you can opt out, it's find. Last week, Senator Charles Schumer was said to had spoke out about a program at some malls in Virginia and Southern California that were anonymously tracking shoppers' movements by tracking their cell phone signals, and the only way to opt was by not going to the mall. Schumer did not approve. "Personal cell phones are just that - personal," the New York senator said in a statement. "If retailers want to tap into your phone to see what your shopping patterns are, they can ask you for your permission to do so."

The CarrierIQ software is not dissimilar to the shopper tracking program. In fact, it's arguably worse since it follows you everywhere. In the age of social media, everybody is becoming increasingly aware of and often angry about the amount of private data companies are scooping up with or without their consent.


Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Powerade Coupons