October 1, 2016

Bitdefender Releases Carrier IQ Finder for Android

(LiveHacking.Com) – Carrier IQ has been very much in the headlines this week with accusations, rebuttals and counter-accusations over privacy deficiencies in Carrier IQ’s mobile phone diagnostic system. The system is shipped by default on a number of Android-based mobile devices.

Although designed “just” to help carriers improve their networks, there are concerns that the software is tracking and recording more than it should.

As a result, Bitdefender have created a new tool that identifies the presence of the controversial mobile network diagnostic tool.

“Bitdefender values users’ privacy and their right to take informed decisions when entering a deal with a mobile carrier,” said Alexandru Balan, senior Product Manager of the Bitdefender Mobile Unit. “Although the manufacturer claims that only some of the information provided through the Carrier IQ application is used by the carrier, the amount of personal data the app has access to raises serious privacy concerns.”

Unfortunately, the Bitdefender tool isn’t able to disable or uninstall the Carrier IQ app, as it is deeply buried in the device firmware.

The application can be freely downloaded via the Android Market here.

Carrier IQ Fights Back – Says it isn’t Snooping

(LiveHacking.Com) – Carrier IQ hit back at allegations made by security researcher Trevor Eckhart that their Android app is recording and forwarding all kinds of personal information. The company has issued another press release to “clarify” what its app does and one of the company’s VPs has been speaking to AllThingsD.

In the press release Carrier IQ states that its app:

  • Measures and summarizes performance of a device to assist Operators in delivering better service.
  • Does not record, store or transmit the contents of SMS messages, email, photographs, audio or video.
  • Operates exclusively within that framework and under the laws of the applicable jurisdiction. Any data gathered is transmitted over an encrypted channel.

In the interview with AllThingsD, Andrew Coward, Carrier IQ’s VP of marketing, says that the app receives a huge amount of information from the operating system. But just because it receives it doesn’t mean that it’s being used to gather intelligence about the user or is passed along to the carrier:

  • “What the Eckhart video demonstrates is that there’s a great deal of information available on a handset,” says Coward. “What it doesn’t show is that all information is processed, stored, or forwarded out of the device.”
  • “If there’s a dropped call, the carriers want to know about it,” says Coward. “So we record where you were when the call dropped, and the location of the tower being used. … Similarly, if you send an SMS to me and it doesn’t go through, the carriers want to know that, too. And they want to know why — if it’s a problem with your handset or the network.”
  • “We don’t read SMS messages. We see them come in. We see the phone numbers attached to them. But we are not storing, analyzing or otherwise processing the contents of those messages.”
  • “It’s the operator that determines what data is collected,” says Carrier IQ CEO Larry Lenhart. “They make that decision based on their privacy standards and their agreement with their users, and we implement it.”
  • “What’s actually gathered, stored and transmitted to the carrier is determined by its end-user agreement,” he says. “And, as I’m sure you’re aware, the carriers are highly sensitive about what data they’re allowed to capture and what they’re not allowed to capture.”

 

Proof Published that Carrier IQ is Recording Key Presses and Location Data

(LiveHacking.Com) – Trevor Eckhart has posted a YouTube video showing what could be conclusive proof that Carrier IQ are monitoring the key presses and location information of millions of smartphones.

Using a stock HTC EVO handset reset to its factory settings, Eckhart shows how each numeric tap and every received text message is logged by the Carrier IQ software.

“We can see that Carrier IQ is querying these strings over my wireless network [with] no 3G connectivity and it is reading HTTPS,” said Trevor in the video.

This is the latest revelation in a series of discoveries which Eckhart has been posting about the Carrier IQ “app” that resides in a number of HTC Android smartphones. In his original findings, which were published on November 14th, Eckhart analysed in great detail what Carrier IQ does, how it does it, and why it is a bad thing.

In response, Carrier IQ threatened legal action, sent a cease-and-desist letter, and asked Eckhart to issue a press release admitting “inaccuracies” and to “apologize to Carrier IQ, Inc. for misrepresenting the capabilities of their products and for distributing copyrighted content without permission.”

The Electronic Frontier Foundation (EFF) then got involved. Finally Carrier IQ posted a PDF to clarify how their product is used and the information that is gathered from smartphones and mobile devices. They also apologized to Eckhart and the EFF saying “Our action was misguided and we are deeply sorry for any concern or trouble that our letter may have caused Mr. Eckhart. We sincerely appreciate and respect EFF’s work on his behalf, and share their commitment to protecting free speech in a rapidly changing technological world.”

The question now is what Carrier IQ’s response to this latest video will be. Trevor’s video ends with some important questions, “Why does SMSNotify get called and show to be dispatching text messages to [Carrier IQ]?” and “Why is my browser data being read, especially HTTPS on my Wi-Fi?”

Trevor and the rest of the information security fraternity are awaiting their reply.