Carrier IQ patent outlines keylogging and ability to target individual devices

Carrier IQ patent outlines keylogging and ability to target individual devices

Summary: Diving into the Carrier IQ patent gives us some interesting insights into what the technology might be capable of doing.

SHARE:
TOPICS: Legal, Security
20

Unless you've been living in a cave on Mars for the past week then you will have undoubtedly heard of Carrier IQ - a rootkit-like software that's embedded in over 140 million smartphones.

What is Carrier IQ? Well, depending on who you listen to, you get a different story. According to 25-year-old Trevor Eckhart, this software has low-level access to the handset and is capable of intercepting key presses, call data, SMS communications and even web activity. However, according to Carrier IQ, the software is a tool used by the carriers to gather data to improve the network.

So what is Carrier IQ designed to do? Well, we don't have any answers to that question at present, but we can get an idea of what Carrier IQ might be used for by taking a look at the patent relating to the technology.

The patent in question is 7,551,922 - Rule based data collection and management in a wireless communications network. There are two sections that are of particular interest.

Page 18, column 12, line 41:

Additionally, because data collection and management system ... allows multiple data collection profiles and data analysis activities to be performed simultaneously, a particular device may be targeted to execute multiple data collection profiles. Therefore, target device database ... tracks the data collection activity occurring on the devices and maintains detailed information about the specific data collection profiles that are active on the devices. In doing so it can detect and resolve any contention or prioritization issues by adjusting the population of target devices selected.

Here, the patent seems to be describing a mechanism that allows a specific devices to be targeted with collection profiles that can be changed on the fly at any time.

Page 19, column 13, line 12:

The queries may be structured in such a way that performance information is gathered about the effect of a simple activity, such as a button press by the user, or information may be gathered about more complex transactions that involve multiple network layers, such as the physical layer, network layer, transport layer and application layer. In particular, the target wireless devices have software stacks that communicate with various network layers of the communications network.

Here the patent is describing the keylogging and data collection capability of the technology.

While the patent doesn't tell us what Carrier IQ is actually doing on user's handsets, it does give us an insight into what it might be capable of doing. If nothing else, I feel that smartphone owners are entitled to have a clear explanation of what Carrier IQ is capable of doing, and have the option to disable all data collection.

Many thanks to tipster Micah for sending this one in!

Related:

Topics: Legal, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

20 comments
Log in or register to join the discussion
  • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

    "If nothing else, I feel that smartphone owners are entitled to have a clear explanation of what Carrier IQ is capable of doing, and have the option to disable all data collection."

    This should be addressed to operators, not to Carrier IQ.
    kodadma
    • Looks like Sprint and ATT have lots of splaining to do!

      @kodadma
      otaddy
      • and more....

        @otaddy
        Try adding TMo and Rogers to the carrier list. :(
        rhonin
  • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

    On ZDNet's sister site, they go go to great lengths to say that CIQ is incapable of doing what the patents explicitly describe and what the Eckhart video seems to depict.

    CIQ say that they don't use or read user information. However, if the user's information is transmitted off the phone, CIQ is likely violating Federal Wiretapping Laws. The mens rea (intent) for wire tapping is not the intent to use but in the intent to tap/transmit.
    retnep
    • Sadly most corporations always lie

      @retnep <br><br>1) [Most] Corporations, like politicians, always lie even when it would benefit them to tell the truth. <br>2) So the real question isnt if that is the truth or a lie but to what extent they are lying, just a little or a lot?<br><br>Why would [most] corporations always lie even when it would benefit them to tell the truth?<br>A: Because its much easier to keep straight the lies then trying to keep straight what lies have been told and truths have been told. Granted, some lies are so white like that they are almost truths but they still are not 5100 truths. By always lying a legal or sales department does not have to ask did we tell the truth on this one or did we manage it?. They never use the terms lie or even spin but instead like to call it managing the information. You can almost certainly attribute that term to someone from marketing or legal.
      BlueCollarCritic
  • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

    Let's be clear - it's not WP7, just every other smartphone maker. Another reason to choose MS.
    tonymcs@...
    • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

      @tonymcs@...

      Shill.
      none none
    • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

      @tonymcs@... Yes, let's be perfectly clear in that Microsoft does the same exact thing with it's WP7 devices.

      http://wmpoweruser.com/microsoft-accused-of-tracking-windows-phone-7-user-via-the-camera-app/

      http://www.electronista.com/articles/11/08/31/microsoft.accused.of.ignoring.wp7.location.info/

      http://mobile.slashdot.org/story/11/09/01/2242241/lawsuit-claims-windows-phone-7-spies-on-users
      athynz
    • That's right ...

      @tonymcs@...
      If WP7 phones have a "reason to log" what the user does, Microsoft is perfectly capable of writing the software themselves (see links from 'athynz').

      The question isn't whether the phone *can* do these things (it seems that all smartphones and probably 'feature' phones can do this) it's to what extent the carriers apply this technology.
      use_what_works_4_U
  • Why are we going after CarrierIQ?

    CarrierIQ didn't sell you phones, your phone and telco companies did. If they didn't go to CarrierIQ they'd have gone to another company providing similar software. Go after Sprint and AT&T.
    kraterz
    • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

      @kraterz
      Good point.
      John Zern
    • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

      @kraterz because it is THEIR software that logs this information. Who is to say they did not lie to the carriers about all it can do? You do bring up an excellent point in that the carriers - by using their software - are just as complicit.
      athynz
  • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

    Why only andorid phones??? because it was blessed by evil google and networks to install carrier IQ. So does apple, now they shamelessly say they will remove it from iOs..

    MS has denied to tamper with WP7 and kudos to them.
    owlnet
    • Do you know how to read????

      @owlnet

      This application IS NOT part of Android. The carriers INSTALLED this app as part of their handset configuration. Since Android is open source, the carriers can, and have, made the changes that they wanted on their handsets.

      This app was also installed by Apple on all their handsets except iOS5. This has NOTHING to do with Google. Your hatred of all things Google is warping your judgement, provided you had any to begin with.
      linux for me
  • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

    simple enough - need to start a petition to allow user to opt of of this - simple
    DS-Solutions
    • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

      @DS-Solutions or better class action lawsuit! just a peition is not enough. Sprint, ATT and other have to be punished!!!
      pupkin_z
  • If a user could actually get the benefit of CIQ

    maybe people wouldn't have AS MUCH of a hate-on. As it stands users have dropped calls and network issues but when they call the carrier helldesk they get put through the usual "did you reboot, maybe we should update firmware, blah blah" script. Instead this program seems to benefit carriers in an abstract way and certainly not users directly even though it uses their battery life and perhaps some data usage too?
    dowlingm
  • iOS's CarrierIQ vs. Android's (+/- BB's, +/- WP7's) CarrierIQs

    AFAICT, a difference b/w how the CarrierIQ app on iOS smartphones works and how the CarrierIQ apps on those Samsung and HTC Android smartphones carried by AT&T or Sprint (+/- BB's, +/- WP7's smartphones) work is:<br>- iOS's CarrierIQ is by default "OFF" (and does not collect any info while it is "OFF"), while the Android (&/- BB's, &/- WP7's) CarrierIQs not only apparently cannot ever be turned off by the user, but cannot even be otherwise accessed, modified or deleted, and<br>- iOS's CarrierIQ (even when it is turned "ON" by the user) has never done (& still doesn't now do) any keylogging, nor any recording of a user's phone #s, textings, SMSs, surfsites, locations, nor any other user-specific info., but the Android (&/- BB's, &/- WP7's) CarrierIQs do exactly that keylogging & recording of that user specific info, and so their CarrierIQs thus provide a backdoor for hacker exploitation of all this (& more) user personal info on those Android (&/- BB, &/- WP7) smartphones, and<br>- 100% of the iOS's CarrierIQ-collected data is displayable on the iPhone's screen at Settings/General/About/Diagnostics & Usage/Diagnostics & Usage Data, while none of the Android (&/- BB's, &/- WP7's) CarrierIQ-collected data is accessible to the user on his/her smartphone (without hooking up the smartphone to a PC with some kind of SW data display mode for that smartphone), and<br>- iOS's CarrierIQ apparently sends all this anonymous diagnostic info only to Apple (and only when requested to by the user), while the Android (&/- BB's, &/- WP7's) CarrierIQs not only apparently seem to be automatically sending everything to AT&T/Sprint, Google, +/- Samsung or HTC, the FBI?DEA?NSA?Echelon? and to whoever else might have hacked into this backdoor SW on your smartphone, but IT SEEMS TO BE SENDING IT EVEN BEFORE ANYTHING HAS BEEN DISPLAYED ON THE SCREEN of that smartphone!
    BurmaYank
    • extreme bias

      @BurmaYank
      I read this post as:
      I love my iPhone and defend it.
      Carrier IQ on the iphone is not there to datalog anything, it is there to save rare animal species and rebuild the ozone layer. Apple would never do anything to compromise my security.
      Android is nasty, it will send the keypress as soon as you LOOK at the key. It will send this info not only to feds, CIA, NASA but also Martians, Ewoks, and Chuck Norris.
      Carrier IQ on every other phone OS is really really bad. Carrier IQ on iPhone is awesome, not only does it let you control if you want to send info, but when it does send info, it sends harmless info like when I surf youp0rn it tells them im on youtube instead because that's what they put it there to do.
      iOS cures cancer.
      warboat
  • RE: Carrier IQ patent outlines keylogging and ability to target individual devices

    Can't wait to read your articles on the number of lawsuits Carrier IQ has sparked for themselves. Especially when this looks to be a win-win case for many prosecutors considering Carrier IQ has proven to be secretly recording every virtual keystroke onto a debug record log file from the very moment every 140 million users got their hands on the phone for the very first time.

    What's worse? The contract between consumers and carrier's only include the agreement to allow the tracking of one's billing information, network information, and credit history. But it doesn't apply to the virtual keylogging of private calendar appointment data, password and login credentials for office systems, client and customer addresses, public and private encryption keys, and everything else one has entered through the virtual keyboard not listed in the contract agreement.
    zdnetviewer