Apple: We stopped using Carrier IQ in iOS 5

Apple: We stopped using Carrier IQ in iOS 5

Summary: Apple washed its hands of the Carriergate scandal today stating that it will remove Carrier IQ completely in a future software update.

SHARE:

Wow, what a debacle. Since I posted my piece late Tuesday about a rootkit called Carrier IQ that was discovered monitoring potentially millions of Android devices, it's erupted into a bona fide scandal.

AT&T and Sprint have admitted using Carrier IQ and United States Senator Al Franken asked its CEO if it complies with the Computer Fraud and Abuse Act (18 U.S.C. § 1030). Carrier IQ has responded by saying that its software only monitors data related to call quality, battery life, device crashes and that it ignores personal data. Carrier IQ’s Andrew Coward tells AllThingsD:

The software receives a huge amount of information from the operating system... But just because it receives it doesn’t mean that it’s being used to gather intelligence about the user or passed along to the carrier.

The big news is that Apple stopped using Carrier IQ's software in iOS 5. In an attempt to distance itself from Carriergate, Apple today issued this statement:

We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.

In addition to walking away from Carrier IQ, Apple's Diagnostics and usage data settings are strictly opt-in and you don't need a special piece of software to turn it off.Th e setting and privacy policy are right there in the Settings > General > About > Diagnostics & Usage (pictured above).

ZDNet's own Zack Whittaker has posted an excellent piece on which phones, networks run Carrier IQ -- which is highly recommended reading.

Related:

Topics: Apple, Mobile OS, Mobility, Operating Systems

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

45 comments
Log in or register to join the discussion
  • RE: Apple: We stopped using Carrier IQ in iOS 5

    So they stopped it using in iOS 5? That means every iPhone user - and probably every iPad user- below iOS 5 has Carrier IQ running on their devices, even in this very moment, reading these lines.

    Also, it's not opt-in either. It would be opt-in if it wouldn't be on by default. Since it is, it's opt-out. Whether it's Apple or the carrier setting that default doesn't matter in the end and you won't able to tell anyway.
    ff2
    • RE: Apple: We stopped using Carrier IQ in iOS 5

      @ff2
      Mine always asked me during set up if I want to enable it or not (sending usage data)... the ones that never asked were always off when I went to check, so I'm guessing it is off by default like they say... what makes you think its on by default?
      doh123
      • Did FF2 read what was written? Even if Apple would not 'stop', then still

        @doh123: ... the information that gathered has nothing to do with real privacy concerns -- no keystrokes, messages or whatever was ever registered.
        dderss
      • @no keystrokes, messages or whatever was ever registered

        @doh123 that's simply not true. Even Carrier IQ are only going so far as to say the *CONTENTS* of messages aren't sent. There product says

        "Capture a vast array of experience data including screen transitions, BUTTON PRESSES, service....View application and device feature usage, such as camera, music, messaging, browser and TV"

        So presumably you will not accept that this is a privacy violation?
        guihombre
      • RE: Apple: We stopped using Carrier IQ in iOS 5

        @doh123
        Asking you to opt out is all fine and good but that doesn't mean that the data cannot be exploited. Next up will be malwares that will turn it on for you even if you opt out. The bottom line is that it shouldn't be there at all. I don't care how harmless people want to tell you it is. You can say the foul smelling guy that twitches uncontrollably is harmless but I ain't sitting next to him.
        rengek
    • RE: Apple: We stopped using Carrier IQ in iOS 5

      @ff2 - My 4s also asked me during setup. 'roid fanboys with no actual iPhone experience should "just shut-up and accept the fact that unlike Google, Apple usually gets it right"
      Gr8Music
    • Have you ever used an iPhone?

      @<b>guihombre</b>
      I had the original iPhone and I had an iPhone 3G. In <b>both</b> cases the phones explicitly asked if I wanted to allow diagnostic data to be sent to Apple. In other words, I had to give it permission in order for them to do anything with my usage data. I never did and I am confident that the data was never sent. If Apple wanted the data to be sent secretly it would have been far simpler never to prompt for permission to do something that (at the time of the original iPhone launch) no one would have known was possible. This is consistent with Apple (and Microsoft) policies and procedures on there computers for *at least* the last decade, if not longer. If you choose to believe they are deceiving you then you are simply twisting the evidence to fit your conspiracy theory.

      By contrast, about a year ago ATT finally ticked me off enough that I left the iPhone (which I still regret) for an HTC Evo Shift on Sprint. This phone runs carrier IQ with NO notice other than the suppositions you could make based on Sprint's contract (which does tell you they will gather usage data for the purpose of improving your service experience). If Apple had wanted to gather the data without your knowledge it would have been vastly simpler to follow that route.

      Aside from preferring the iOS interface for its simplicity, this is yet another reason why I will go back to the iPhone in a year when my upgrade eligibility returns.
      use_what_works_4_U
      • RE: Apple: We stopped using Carrier IQ in iOS 5

        @macadam
        so because it asked you for permission you believe that saying no makes you more secure. Does extra TSA agents at the airport make you more secure? Does the extra pat down and security devices make you immune to a terrorist attack? You can say no don't log anything but that doesn't mean someone else can't activate it without asking you. The fact that a simple yes/no can trigger this process means malware writers will be abusing this in high fashion
        rengek
      • Apple: we don't need Carrier IQ we have SIRI!

        @macadam
        hope you don't use Siri because that spyware data mines for Apple. On top of that it is able to dynamically change it's operation to suit Apple or whoever gets control of your Siri. Hope to hell no malware makes it into the appstore that can abuse it. One of the developers got fired by Apple because he showed he was able to get a piece of malware into the Appstore.
        If you think Apple doesn't datamine, they are the subject of lawsuits regarding the datalogging of geodata from iphones.
        Malware: it just works!
        warboat
      • RE: Apple: We stopped using Carrier IQ in iOS 5

        @warboat - I've asked for proof of your siri theory a few times with no response from you - therefore I must conclude that you are some sort of ihater troll flinging FUD like a monkey flings poo.
        athynz
      • Siri Exploitation

        @Pete "athynz" Athens<br>look up SiriProxy.<br>hackers have already managed to open up Siri using SiriProxy<br>It allows you to use Siri to control external devices, but it opens up the possibility to maliciously control the 4S as well. And this was done through a weak CA exploit with non-jailbroken 4S.<br>It is more than just spying, it means that Apple or any SiriProxy has your iPhone 4S by the balls.

        update: oh! now an app has made it into the appstore that interacts with SiriProxy; FASTPDFKIT. If the appstore allows apps to interact with Siriproxy (still not approved by Apple), then I'm afraid Charlie Miller was sooo right. It is only a matter of time before someone makes siriproxy malware.
        warboat
    • RE: Apple: We stopped using Carrier IQ in iOS 5

      @ff2

      Apple's realing in an attempt to deceive more consumers..."But we stopped using it at IOS5" So you screwed millions before that and it's supposed to be OK? What's funny is the Apple fanatics will just keep on supporting these clowns and act like this isn't a major issue! It's time to wake up and realize your beloved Apple is as crooked as Google!
      Rob.sharp
      • RE: Apple: We stopped using Carrier IQ in iOS 5

        @rob.sharp@...

        Do you even bother to read?!? Apparently not, or you would realize that EVERY thing you wrote is complete garbage.
        1) The coreservice runs as opt-in. You are EXPLICITLY asked if you want to run it.
        2) No one was screwed. No user data was sent. NONE.
        3) There is no such word as "realing".
        .DeusExMachina.
    • RE: Apple: We stopped using Carrier IQ in iOS 5

      @ff2 My first gen ipad is still not updated to ios 5.0, but when I looked up the above was set at "don't send".
      Rapid Rec
  • What about Nokia?

    Nokia were also claimed to install it. Do we get a denial from Nokia? A claim it was only on Symbian and never ported to Mango? Only S60s? What? Where's the Nokia statement?

    Where's the Samsung Statement? I see it's not on my Galaxy S but that doesn't mean it's not on a USA Galaxy S. Where's Samsung's action plan for this? Did they install it? Which versions? What markets? For whom? What's the plan for fixing this? How can users remove this?

    Every handset maker should realize this is Phorm again, software that records handset specific data must be recording it per handset, and that means per subscriber. It follows that any 'aggregate' defense will collapse under scrutiny.

    Diagnostic software that intercepts URLs? Pull the other one it has ringtones on it.

    They can't ride this one out, HTC have blamed the carrier and are investigating ways to remove the software, I don't accept this, they installed the software on behalf of the carrier, they are culpable.

    How come all US carriers required it be installed? Is this another NSA domestic snooping thing, where they *paid* carriers to plug into their networks. Is that what this is? Or is it only one or two carriers that required it, error and incompetence rather than the systematic snooping that *every* *US ONLY* carrier requiring it would suggest.
    guihombre
    • RE: Apple: We stopped using Carrier IQ in iOS 5

      @guihombre
      Nokia already said it never used it in their phones.
      owlnet
      • Noted, and Samsung said they do

        @owlnet,
        Yeh the other Zdnet article noted it.
        To me that makes Nokia phones more attractive and Samsung phones less attractive. I think this helps the Nokia Windows phone quite a bit, they should hammer that point home. I imagine as the months unfold and Carrier IQ details leak, and lawsuits arrive, this story will churn and Nokia can take advantage of that.

        I note Wikileaks has a site based on some documents on telecoms snooping tech document they have ( spyfiles dot org ). Some of it seem old, the Amdocs scandal is old news, for example, but there's quite a few companies listed I haven't gone through yet. Carrier IQ aren't listed, yet I sort of expect this to run and run as leaks happen and fingers are pointed.
        guihombre
    • RE: Apple: We stopped using Carrier IQ in iOS 5

      @guihombre<br>What on earth are you babbling about. Certainly not CarrierIQ, since it does none of the things you are talking about.
      .DeusExMachina.
  • mountain from molehill

    must be a slow news day.
    ron.cleaver
    • Do you grasp the depth of this?

      @ron.cleaver@... This third-party has been able to capture EVERY keystroke anyone enters into their Android, Blackberry or Symbian phone -- including usernames, passwords, even encrypted data (since it captures the keystrokes prior to encryption). They could have highly sensitive, individual-specific, personally-identifiable data that can be correlated on 140 MILLION users, allowing them to know virtually everything about them, from their bank accounts (including account numbers, login ids and passwords) to who they call, what web pages they view, emails and texts they send and receive, and much, much more. This is enormously invasive -- and it was done all via covert, hidden apps that couldn't be force-quit, without any warning.

      Carrier IQ is now being investigated for possibly violating wire-tapping laws and other violations. If found guilty, they would be guilty of violating the privacy of 140 million (and counting) customers over a span of several years! And the carriers could be right there with them in the hot seat.

      I'm no privacy nut, but I hardly think this is a mole hill. This could easily be the broadest, deepest, most widespread violation of individuals' rights to privacy EVER.
      jscott69