dslreports logo
site
spacer

spacer
 
   
spc
story category
Sprint: We've Disabled CarrierIQ On Our Devices
Acknowledges 26 Million Devices Had Controversial Rootkit
by Karl Bode 04:22PM Friday Dec 16 2011
Sprint and AT&T spent this week explaining just how heavily they use the controversial CarrierIQ rootkit to track phone performance. According to Sprint, the company uses the software on 26 million devices, but only collects data from about about 1.3 million devices. Sprint also stated the company started working with CarrierIQ in 2006, stores Carrier IQ data on its servers for 30 to 45 days, keeps the raw data for six months, and saves reports from Carrier IQ for one year. The company today also told Mobile Burn they've disabled the software entirely after having "weighed customer concerns" (and potential regulatory fallout and bad PR):
quote:
"We have weighed customer concerns and we have disabled use of the tool so that diagnostic information and data is no longer being collected," said Sprint in an email to Mobile Burn. "We are further evaluating options regarding this diagnostic software as well as Sprint's diagnostic needs."

Sprint reiterated that it was not using Carrier IQ software to look at the content of text messages, emails, photos and other information stored on phones by users. The carrier also clarified that Carrier IQ was not used for any form of targeted advertising or profiling of customers. The software's sole purpose was to report network deficiencies and allow Sprint to improve its network and service for its customers.
It continues to be fascinating to watch the hysteria surrounding the CarrierIQ rootkit and the broader disregard for larger privacy context -- namely that most carriers are busily selling every scrap of user data not nailed down (location data, clickstream data, etc.). The public and press apparently like brief privacy lightning rods (CarrierIQ, NebuAD), after which the discourse goes right back to ignoring the steady and constant erosion of online privacy by everyone in the wireless food chain.

view:
topics flat nest 

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

1 recommendation

End of CarrierIQ ??

If other carriers follow Sprint's actions, CarrierIQ is toast as a company. They are done.
Cogdis

join:2007-03-26
Floral Park, NY

Re: End of CarrierIQ ??

Good.

davoice

join:2000-08-12
Saxapahaw, NC
Umm... they're not toast. You forget, what has been de-activated can be re-activated. Sprint is not saying it's *removing* CarrierIQ. It's just saying it has turned it off.

Thus there is no reason they can't turn it back on later. And nothing stopping them from continuing to install the software on their phones but just leave it turned off until some later date.

}Davoice

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

Re: End of CarrierIQ ??

said by davoice:

Umm... they're not toast. You forget, what has been de-activated can be re-activated. Sprint is not saying it's *removing* CarrierIQ. It's just saying it has turned it off.

Sprint says it is removing the software and not just turning it off.

»www.geek.com/articles/mobile/spr···0111216/

Sprint has ordered that all of their hardware partners remove the Carrier IQ software from Sprint devices as soon as possible.

Sources at HTC have told us that, as a result of the lawsuits targeting Carrier IQ, Sprint, and other CIQ-using OEMs, Sprint has asked all of their partners to get rid of Carrier IQ. Starting with the high-volume and high-profile devices on the network, each of the OEM’s has been asked to quickly release binaries that do not contain Carrier IQ so that over-the-air updates can be pushed to those devices as quickly as possible. The eventual plan is to remove Carrier IQ from all of the devices on Sprint’s network.


--
The nine most terrifying words in the English language are, I'm from the government and I'm here to help.
»www.politico.com/rss/2012-election-blog.xml


KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK

1 recommendation

They'll just change the TOS and people will be "opting in" for CarrierIQ. And then it will be turned back on.

I think the threat CarrierIQ posed was really overblown, but nonetheless I don't agree with this stuff installed on phones that you as the user cannot disable or turn off at will.
--
"Fascism should more properly be called corporatism because it is the merger of state and corporate power." -- Benito Mussolini

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

And it isn't a rootkit

This dslreports poster points out how CarrierIQ software isn't a rootkit. But the use of that term helps people to demonize the software:
»Rootkit? Really?
Chubbysumo

join:2009-12-01
Superior, WI
Reviews:
·Charter

1 recommendation

Re: And it isn't a rootkit

Here is he definition of a "rootkit", you tell me if it meets this"
Rootkit - A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.

Cheese
Premium
join:2003-10-26
Naples, FL
kudos:1

Re: And it isn't a rootkit

said by Chubbysumo:

Here is he definition of a "rootkit", you tell me if it meets this"
Rootkit - A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.

No, it doesn't
bladec594

join:2007-09-24
Alpharetta, GA

Re: And it isn't a rootkit

Agree, not a rootkit. Some reporters just use that term to incite the minions and generate clicks. Just as slimey as mainstream media is portrayed to be...

michieru
Premium
join:2009-07-25
Miami, FL
The correct term is spyware
Expand your moderator at work

tc1uscg

join:2005-03-09
Saint Clair Shores, MI

1 edit

Re: And it isn't a rootkit

said by michieru:

The correct term is spyware

That's about as close as anyone will get. "The 17-minute video sparked a firestorm not only because it alleged the software logged numerous details about users' activities, but also because it did so without their knowledge".. So if it's not a keylogger or spyware people, then what is it REALLY?

Ok, sticking my neck out and I'm sure some of you will take a whack at it , having worked for Sprint for 10 years as a switch tech in one of their central offices (no longer there or with Sprint ), they do not, again, they DO NOT need this kind of installed software to check network performance. Any Sprint network operations person, any ATT or Verizon network person, who says otherwise, is full of crap. Having spent those 10 years as a switch tech, we have "built in" metrics/software IN THE SWITCH (Nortel, Lucent) that tracks network usage and problems. If you dropped a call for example, it is logged in the system logs. If enough drop, alarms are sent to the switch, a ticket will be generated or a switch tech will see a cell in trouble and take a look at it. Every call that hits the network even tells what digits you dialed the trunkgroup it handed the call off too. It will tell you what BSS, what tower, what node/antenna, what trunk group, all the way down to the member number of that trunkgroup itself. It could even tell the difference from fading out, to network congestion problems (if it was getting overloaded with calls, it would show alarms in the switch for that tower/T1). All this and without having to know what sites you visited, passwords, any data at all or your keystrokes. Yes, the amount of data from the first bit to the last was counted but all the bytes in between, from the network reliability reasons, we didn't give a crap or captured. But it seems someone decided it was. Gotta wonder if someone else isn't pulling Sprints, AT&T and Verizons strings? FBI, NSA maybe? Carnivore as it use to be known, isn't as dead as people think. I seem to recall that Carrier IQ has said the FBI approached them about this software. Oops, the smoking gun?
Arthur96

join:2000-12-17
Salem, NH

Re: And it isn't a rootkit

I agree. Also it seems no one remembers what the FBI attemted to do with onstar.

Case4Privacy

@comcast.net

All phones are tracked no matter who made it or whats on it

There really is no clean phone, the problem is the way the networks themselves function. If every tower on the network looked for every phone getting a call there wouldn't be enough bandwidth, so they track every phone real-time to see which towers have the best signal quality to send you your call, data, or texts.

As long as your phone is connected to the network, your phones microphone, camera, GPS, and it's contents are available to anyone who wants them. Worse yet your phone is nothing more than an open book to someone with a laptop and an antenna.

We've spent years researching the problem and have compiled a series of news reports that clearly lay out the problem, including the fact that turning your phone off doesn't cut it said at the end of the clips by ABC, FOX, Local network affiliates.

See for yourself: www.Thecaseforprivacy.com/blogs/news

dks7

join:2004-05-31
Omak, WA

1 recommendation

Re: All phones are tracked no matter who made it or whats on it

Exactly, get your overpriced made in China government pre-approved tracking device here!

Don't own a cell and never will.

Ianto Jones

join:2011-01-01
Merchantville, NJ
So then what's the solution? Based on what you said, I can see why something is needed.... but is there no way to balance functionality of how things work with privacy concerns?
ISurfTooMuch

join:2007-04-23
Tuscaloosa, AL

Re: All phones are tracked no matter who made it or whats on it

I think the solution is to have strong data privacy laws that aren't full of loopholes. And those should also have to apply to each and every government agency from the local cops to the FBI, CIA, and NSA.

The problem is that all the opponents of such a law are very well-connected. A real privacy law would only benefit the general public, and we all know how well politicians are at playing many people off against each other. So many people are so caught up in the petty partisan wedge issues that they never look at the things that really matter, and the politicians like it that way.
ke4pym
Premium
join:2004-07-24
Charlotte, NC

Hopefully just the start

Good job, Sprint!
erik2250

join:2007-08-02
Etobicoke, ON

Job well done

The company/person who looked into this and brought CarrierIQ to the public's attention is a hero!
ISurfTooMuch

join:2007-04-23
Tuscaloosa, AL

Re: Job well done

That would be Trevor Eckhart.

And the reason that name is so fresh in my mind is because of a CNN opinion piece about SOPA. The author mentions how Carrier IQ initially threatened Eckhart, accusing of copyright infringement for posting information that was publicly available on the Carrier IQ Web site. The author's point was that, under SOPA, it would have been very easy for Carrier IQ to have either had this information quickly taken down or or to have had his site blacklisted. That would have stopped his disclosure dead in its tracks, and we likely wouldn't be discussing this now.

In case you're interested, here's the link:

»www.cnn.com/2011/12/14/opinion/s···t=hp_bn9
erik2250

join:2007-08-02
Etobicoke, ON

Re: Job well done

Thanks for the link!

n2jtx

join:2001-01-13
Glen Head, NY

I Believe Sprint When They Say They Do Not Monitor

The carrier also clarified that Carrier IQ was not used for any form of targeted advertising or profiling of customers. The software's sole purpose was to report network deficiencies and allow Sprint to improve its network and service for its customers.
Considering how pathetic their 3G performance has been lately, I truly believe them when they say there were not using CarrierIQ extensively. If they were using it, perhaps their network would be running better. (sarcasm)
--
I support the right to keep and arm bears.

mix

join:2002-03-19
Utica, MI

Re: I Believe Sprint When They Say They Do Not Monitor

Considering the level of incompetency at Sprint, I'd surmise they didn't even put two and two together that they could use this software to monitor their (lack of) network performance and role out capacity and bandwidth upgrades to certain towers.

tc1uscg

join:2005-03-09
Saint Clair Shores, MI
SO, thats why I seent "there is an important update" for my phone this morning. Now, my phone as been running like crap all day. Really lagging and network issues. But then again, it's a android on Sprints network. I don't need to look too far for that answer.
iFail 5G

join:2011-08-03
said by n2jtx:

The carrier also clarified that Carrier IQ was not used for any form of targeted advertising or profiling of customers. The software's sole purpose was to report network deficiencies and allow Sprint to improve its network and service for its customers.
Considering how pathetic their 3G performance has been lately, I truly believe them when they say there were not using CarrierIQ extensively. If they were using it, perhaps their network would be running better. (sarcasm)

Or the the network is horrible in the first place and Carrier IQ is having to transmit so much information about the pathetic network that alone is killing the network even more
old_wiz_60

join:2005-06-03
Bedford, MA

but...but...

what about the government spooks who get the info? what will they do? secretly turn it back on?

dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ
kudos:4

Root

can this be removed if device is rooted?
nnaarrnn

join:2004-09-30
Nitro, WV

Re: Root

Yes

cmatties
Only the strong will survive. HAHA

join:2005-03-04
Green Springs, OH
Reviews:
·Time Warner Cable
to an extent. you will need to flash your phone with a custom rom. and still then it is not fully removed do to the fact it is embedded on the rom chip it self. thats my understanding from a friend who has made custom rom's
--
»www.speedtest.net/result/336325078.png
»www.speedtest.net/result/1631437405.png

jseymour

join:2009-12-11
Waterford, MI

1 recommendation

Who Owns The Phone?

It seems to me that carriers want to own the phone when it suits them, and the customer to own the phone when it does not. E.g.: I have to pay for the phone, but I can't take it to whatever network I want (after any subsidizing contract is up) or put it on another network when I can't get to theirs. The carrier believes it has the right to put spyware on the phone or determine what electronic payments system can be installed upon it, but if it breaks I'm the one who has to pay to replace it.

This is simply blatantly wrong, in my view. You either own the phone or you do not. If you own the phone, the most the carrier ought to have the right to do is enforce technical standards that ensure compatibility with their network. Period. Exception is subsidized phones, while the subsidizing contract is still in force, of course. Then you're obliged to stay on their network until the contract is up or you pay the ETF. But that should be the limit of their control over your phone. If the carrier owns the phone then you're at their mercy, but it's also on their dime for repairs and replacements.

Carriers ought not to be able to have it both ways.

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK

Re: Who Owns The Phone?

Exactly. If you own your phone, or at the end of your subsidy, the phone should be unlocked and and privileges given to full (Like rooting). The user shouldn't be the one who has to try and find custom roms, or manually root or jailbreak the phone.

As you say: They want "ownership" control and rights, but none of the liability or responsibility. IE they control it and use it how they see fit, however you pay for it and are responsible for it should it break or need replacement.

It's completely messed up.
--
"Fascism should more properly be called corporatism because it is the merger of state and corporate power." -- Benito Mussolini

SrsBsns

join:2001-08-30
Oklahoma City, OK

Still here Sprint!

So if what they say is true then why am I still seeing this on the Sprint Galaxy S2?


••••

fatness
subtle
Premium,ex-mod 01-13
join:2000-11-17
fishing
kudos:14

FBI asked to use CarrierIQ

»www.washingtonpost.com/business/···ory.html

quote:
A senior executive at a technology company that makes monitoring software secretly installed on 141 million cellphones said Thursday that the FBI approached the company about using its technology but was rebuffed.
--
their dreams a tattered sail in the wind
EdmundGerber

join:2010-01-04
kudos:1

Re: FBI asked to use CarrierIQ

said by fatness:

»www.washingtonpost.com/business/···ory.html

quote:
A senior executive at a technology company that makes monitoring software secretly installed on 141 million cellphones said Thursday that the FBI approached the company about using its technology but was rebuffed.

I'd be reluctant to believe a word that man has to say.

inteller
Sociopaths always win.

join:2003-12-08
Tulsa, OK

so much for EULA

It seems that even though everyone "agreed" to have this monitoring on their phone according to Sprint and ATT by contract it means very little when people start suing left and right. So are carrier contracts not worth the paper they are printed on?
--
"WHEN THE LAUGH TRACK STARTS THEN THE FUN STARTS!"