November 30, 2011 | by Andrew Kameka
When security researcher Trevor Eckhart discovered that Carrier IQ was logging a surprising amount of data, the company promptly sent Eckhart a cease-and-desist letter that threatened legal action if he didn’t stop publishing information about the company and what its products do behind the scenes on Sprint HTC phones. After the Electronic Frontier Foundation came to Eckhart’s defense, Carrier IQ backed off its legal threats and simply said it does not log keystrokes or do anything other than provide network operators with data to help better serve customers.
So why is it that Eckhart now has video proof showing that Carrier IQ does log all data entered into the phone, including phone numbers dialed, emails sent, and buttons pressed? This despite Carrier IQ releasing a statement to the media two weeks ago emphatically denying any such thing takes place.
“While we look at many aspects of a device’s performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools. The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools.” – Carrier IQ, Nov. 16
Either Carrier IQ is telling a blatant lie or the company is unaware of what’s happening with its own software. In this video by Eckhart, spotted via Geek.com, it’s clear that there is definitely some keylogging going on. Using an HTC EVO 3D on Sprint, the computer logs when the home and back buttons are pressed, which could reasonably be expected to serve as part of CIQ’s “performance” research. Maybe it’s just seeing if the back button might be what triggers a force close.
But as the video progresses, things become less explainable. Even when searching Google using HTTPS, which is supposed to be encrypted and secure, Carrier IQ displays the information in plain text. The IQ application is then seen logging phone numbers that a person dials, and an SMS message, including the number and the actual body of the message, is recorded before it even displays on the phone. Carrier IQ appears to know that your daughter is staying at a friend’s house before you do.
Visit AndroidSecurityTest.com to dive deeper into Eckhart’s research.