Wow, what a debacle. Since I posted my piece late Tuesday about a rootkit called Carrier IQ that was discovered monitoring potentially millions of Android devices, it's erupted into a bona fide scandal.
AT&T and Sprint have admitted using Carrier IQ and United States Senator Al Franken asked its CEO if it complies with the Computer Fraud and Abuse Act (18 U.S.C. § 1030). Carrier IQ has responded by saying that its software only monitors data related to call quality, battery life, device crashes and that it ignores personal data. Carrier IQ’s Andrew Coward tells AllThingsD:
The software receives a huge amount of information from the operating system... But just because it receives it doesn’t mean that it’s being used to gather intelligence about the user or passed along to the carrier.
The big news is that Apple stopped using Carrier IQ's software in iOS 5. In an attempt to distance itself from Carriergate, Apple today issued this statement:
We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.
ZDNet's own Zack Whittaker has posted an excellent piece on which phones, networks run Carrier IQ -- which is highly recommended reading.
- Finding and cleaning out your smartphone’s Carrier IQ poison
- Mobile phone tracking rootkit hidden in millions of cellphones
- CarrierIQ: Follow the money and it is the carriers behind it
- Between the Lines: Senator demands answers over Carrier IQ mobile phone tracking
- CNET Special Report: Carrier IQ: How big a threat is it?