stories from November 15th, 2011

Do Tons Of Sprint And Verizon Phones Contain A Rootkit, Potentially Tracking All Sorts Of Info?

from the privacy,-what's-that? dept

Tue, Nov 15th 2011 3:02pm — Mike Masnick

Security researcher Trevor Eckhart has put out a report suggesting that a ton of Sprint and Verizon Wireless mobile phones have what is effectively a rootkit installed on them. Specifically, he's talking about CarrierIQ, a bit of software intended to monitor device usage, supposedly for the purpose of understanding problems that a user might be having and helping to troubleshoot remotely. The description of the software seems mostly innocuous:

Carrier IQ is used to understand what problems customers are having with our network or devices so we can take action to improve service quality.

It collects enough information to understand the customer experience with devices on our network and how to devise solutions to use and connection problems. We do not and cannot look at the contents of messages, photos, videos, etc., using this tool

However, in digging into the details of the software, Eckhart realized that it can easily track all sorts of info, including what websites people are visiting and what keypresses they make. The software can also surreptitiously report where the phone is located. He further notes that the software is purposely hidden on a bunch of devices, and on many it appears that you simply can't turn it off.

Now, I don't think anyone is suggesting anything nefarious here. There are reasons why operators like to collect this kind of data and, in the aggregate, it seems useful. But, as Eckhart looked in more detail at training materials for the software, he realized it could easily be used to track at a much more granular level, down to individuals. The potential for abuse seems pretty high. Again, it's obvious why this software is installed, but it raises questions about what carriers are doing to make sure the software isn't being abused. It's also somewhat troubling that the carriers aren't all that straightforward about how this software is monitoring their users...

Filed Under: mobile, rootkit, wireless
Companies: carrieriq, sprint, verizon

24 Comments

Follow Techdirt

Essential Reading

The Techdirt Greenhouse

Read the latest posts:

read all »

Techdirt Deals

Report this ad | Hide Techdirt ads

Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Older Stuff

Monday
05:39	Court Slaps Down Ajit Pai's Lazy FCC Ruling On 5G Safety, Likely Fueling Conspiracy Theorists (16)
Thursday
06:35	You Can Now Pay AT&T Extra To Adhere To The Dictionary Definition Of 'Unlimited' (16)
Tuesday
05:28	Verizon's UltraFast 5G Can Only Be Accessed 0.8% Of The Time (4)
Monday
09:31	5,000 T-Mobile Employees Lost Their Jobs Post-Merger While Ex-CEO John Legere Saw A $137 Million Golden Parachute (3)
Wednesday
06:39	Despite A Decade Of Complaints, US Wireless Carriers Continue To Abuse The Word 'Unlimited' (10)
Tuesday
06:30	Yet More Studies Show That 5G Isn't Hurting You (37)
Wednesday
06:23	After Hyping 5G For Years, Verizon Advises Users To Turn It Off To Avoid Battery Drain (7)
Friday
06:35	6G Hype Is Already Getting Stupid, When 5G Hype Hasn't Even Finished Disappointing Us Yet (14)
Wednesday
06:24	Pudding-Brained 5G Conspiracies Somehow Get Even Dumber (22)
Monday
05:53	Verizon's Latest 5G Innovation: A 5G 'DSS' Network That's Slower Than 4G (8)
Tuesday
06:33	Space X Gets $886 Million From FCC To Put Very Small Dent In U.S. Broadband Gaps (51)
Wednesday
12:03	The FCC, 2.5 GHz Spectrum, And The Tribal Priority Window: Something Positive Amid The COVID-19 Pandemic (5)
Friday
06:28	Somehow, 5G Paranoia Is Only Getting Dumber (77)
Wednesday
06:30	Ajit Pai's FCC Does Something Good, Frees Wireless Spectrum The Auto Industry Had Done Little With (22)
Monday
06:26	Colorado Voters Continue To Peck Away At State Law Restricting Community Broadband (21)
Tuesday
06:53	There Is No 'Race To 5G.' And The U.S. Wouldn't Be Winning Even If There Was (14)
Wednesday
06:33	The Trump Swamp Fights Itself Over Multi-Billion Dollar No-Bid Spectrum Grab (17)
Monday
12:00	Safety in Name, Commercial in Fact: The Auto Industry Spectrum Squatting Campaign on 5.9 GHz Widens the Digital Divide (16)
Friday
06:36	We're Already Hyping 6G When 5G Hasn't Even Finished Disappointing Us Yet (24)
Tuesday
03:29	Five Bar Owners Arrested In France For Not Logging Internet Use By Patrons Using Bars' WiFi Connections (27)
Friday
06:19	Half Of Smartphone Users Incorrectly Think They Already Have 5G (26)
Thursday
06:25	Verizon's New 'Nationwide' 5G Isn't Nationwide, Barely Faster Than 4G (9)
06:42	Verizon Is Still Abusing The Hell Out Of The Word 'Unlimited' (11)
Wednesday
06:03	AT&T Whines That The T-Mobile Merger Consolidated Too Much U.S. Spectrum In One Place (5)
Friday
06:28	Verizon Buys Tracfone As U.S. Wireless Gets Even More Consolidated (14)
Tuesday
06:11	Yet Another Study Shows U.S. 5G Over Promises, Under Delivers (8)
Monday
05:58	Yet Another Study Shows U.S. 5G Is Far Slower Than Many Other Nations (32)
Friday
13:42	Wireless Carriers Once Again Fight Efforts At More Accurate Wireless Availability Maps (16)
Tuesday
06:29	Verizon Forced To Back Off Charging Extra For 5G (8)
Wednesday
06:07	Dish Buys Ting Mobile To Disrupt Wireless, But Questions Remain (10)

Do Tons Of Sprint And Verizon Phones Contain A Rootkit, Potentially Tracking All Sorts Of Info?

from the privacy,-what's-that? dept

The Techdirt Greenhouse

Monday

Thursday

Tuesday

Monday

Wednesday

Tuesday

Wednesday

Friday

Wednesday

Monday

Tuesday

Wednesday

Friday

Wednesday

Monday

Tuesday

Wednesday

Monday

Friday

Tuesday

Friday

Thursday

Wednesday

Friday

Tuesday

Monday

Friday

Tuesday

Wednesday

More

Tools & Services

Company

Contact

More

from the privacy,-what's-that? dept

Techdirt Daily Newsletter

The Techdirt Greenhouse

Tools & Services

Company

Contact

More