Rootkit called Carrier IQ discovered phoning home with user data
Summary: Locationgate is nothing compared to a rootkit that's been discovered pre-installed on potentially millions of Android handsets.
Remember Locationgate? Well, that might be nothing compared to a rootkit that's been discovered pre-installed on some Android handsets.
[The Locationgate scandal erupted in April 2011 when a hidden file called “consolidated.db” (containing a database of Wi-Fi hotspots and cell towers around your phone's location) was discovered unencrypted in iOS 4.]
Well, at least consolidated.db didn't phone home and report your whereabouts to the mothership -- which is what appears to be happening on millions of Android handsets.
In this video, 25-year-old security researcher Trevor Eckhart of Connecticut shows how two nefarious apps (HTC IQAgent and IQRD) are discovered pre-loaded and running on his HTC smartphone.
Eckhart demonstrates how the surreptitious apps log text messages, encrypted web searches -- and just about everything else -- and send the data to Carrier IQ’s servers.
Worse, Wired reports that the rootkit can't be turned off without rooting the phone and replacing the operating system. "And even if you stop paying for wireless service from your carrier and decide to just use Wi-Fi, your device still reports to Carrier IQ."
Luckily, Logging Checker (main site) is an Android app by TrevE that tests to see if your device is among the afflicted.
Update: I ran Logging Checker on my Droid RAZR running on Verizon Wireless and all the tests came up negative. It appears that at least the RAZR on VZW doesn't have it.


Talkback
RE: HTC rootkit discovered phoning home with user data
Heh.
Why don't you also investigate apple ios rootkit returning 913,000 results?
~~~~~~~~~~
Mathematicians stand on each other's shoulders and computer scientists stand on each other's toes.
~ Richard Hamming
It's not HTC alone, it's most CDMA phones and GSM sets to be confirmed.
RE: HTC rootkit discovered phoning home with user data
My guess for 3, only time and devs, it'll come along. For 4, your method would undoubtedly work with WiFi only, which I'll assume you meant. I was considering others without such an understanding.
RE: HTC rootkit discovered phoning home with user data
I followed your suggestion and used Bing's search result for apple iOS rootkit. (like you, I had never heard of an Apple iOS rootkit before.)
Well, Bing returned one search result that reported on a 2008 reported CISCO IOS rootkit proof of concept security breach.
I wonder if WinTard confused CISCO's IOS (Internetwork Operating System) acronym with Apple's use of the iOS name?
RE: HTC rootkit discovered phoning home with user data
Either post some proof of this alleged rootkit or simply admit you are a troll spreading FUD.
RE: HTC rootkit discovered phoning home with user data
I have to think that he really knows this, and thought that by using the term "IOS ROOTKIT" might make people think that there are lots of reports about an Apple iPhone rootkit.
THERE AREN'T.
In fact, searching for "IOS ROOTKIT" finds articles, of which the vast majority were written YEARS before the iPhone's introduction.
IOS, for those who don't know, in this context refers to an operating system by CISCO that runs their networking gear.
en.wikipedia.org/wiki/Cisco_IOS
RE: HTC rootkit discovered phoning home with user data
a touchy one you are
http://www.theregister.co.uk/2011/12/01/ios_has_carrier_iq_client/
RE: HTC rootkit discovered phoning home with user data
As you probably are aware of by now, Apple issued a statement that said this "root kit" was not used in iOS 5 or on iPhone 4S models. Apple did state that prior iPhone models did have this software installed but the user could disable its diagnostic feedback functions. (Although Apple never informed the public just how evasive this "diagnostic software" actually was.) Also, ZDNet has reported that Apple will release, shortly, an iOS update that will remove this code from earlier iPhone models.
How amusing
RE: HTC rootkit discovered phoning home with user data
nice try... come to think of it, the patent office should take a look at this thing, and let the trolls cash in !!!
So prosecute HTC
If you got the phone under contract, the carrier could well be liable too.
Really if you don't nip this in the bud here and now with a decent multi-billion dollar class action, every one of the handset makers will start doing this, and every carrier will start doing it. It needs to be stopped here and now.
Even Google's HTTPS sessions, a move by Google to protect the privacy of its users from third party snooping, they're passing the data over that link too. It's unbelievable that any handset maker would do that.
---
If corporations are people, criminal law should apply to their CEO's.
Not Samsung, not Sony Ericsson
Incredible.
RE: HTC rootkit discovered phoning home with user data
RE: HTC rootkit discovered phoning home with user data
If corporations are people, criminal law should apply and the corporation should go to jail. Since they are only persons created by law and don't have bodies to incarcerate, maybe the legal penalty should be to cease doing business for the duration of the imposed jail time. Forgetaboutit, that would only happen in a democracy.
RE: HTC rootkit discovered phoning home with user data
It's not just HTC - why only trash them?
"Eckhart said he chose the HTC phone purely for demonstration purposes. Blackberrys, other Android-powered handsets, and smartphones from Nokia contain the same snooping software, he claims."
Froze it with Titanium Backup
RE: HTC rootkit discovered phoning home with user data
What carriers/phones is this confirmed to be on??? Anyone?
RE: HTC rootkit discovered phoning home with user data
Carrier IQ on Samsung, Motorola, etc.