EFF wants your help in finding out what Carrier IQ is actually monitoring

EFF wants your help in finding out what Carrier IQ is actually monitoring

Summary: Carrier IQ file format reverse-engineered.

SHARE:

The Electronic Frontier Foundation (EFF) needs your help in finding out exactly what the Carrier IQ software embedded into millions of handsets actually does on specific handsets.

To create transparency for the public that has been monitored by the more intrusive variants of this software, we will need a comprehensive library of these Profiles, and to know which ones were pushed to which phones at what times. Profiles are stored in different locations in different versions of the Carrier IQ software, and in many cases, a phone may need to be jailbroken or rooted before the profile can be extracted.

If you have a rooted/jailbroken phone, and can find a Profile on it, please send us 1) a copy of the Profile, 2) which phone and network it was from, and 3) where on the phone's file system you found it. You can send us this information in an email at iqiq@eff.org or in a git remote we can pull from.

EFF volunteer Jered Wierzbicki reverse engineered the file format and has written a program for parsing it called IQIQ. Information on this can be found on the EFF website. There's also a lot of information on the XDA Developers forum on methods of finding Carrier IQ data.

Related:

Topics: Malware, Android, iPhone, Mobile OS, Patents, Security, Smartphones, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • RE: EFF wants your help in finding out what Carrier IQ is actually monitoring

    So far my understanding is there is open dialog between Carrier IQ and the FCC and FTC. there is an inquiry and no one is being arrested and no agents showing up on their door step. This will all go away I am sure.
    I believe Trevor had his detection tool removed from the android market place. I don't know if it was put back. There have been other reports to that other developers are saying the the bloggers initial inspection of what the software does is in fact wrong.
    I truly believe the software is simply diagnostics. I know lots of screaming and yelling and freaking out over a video, which if you are technically inclined is fake
    for all intense and purposes. Just look at what others have reported after reverse engineering the product and also watching how the software processes and reads information. The "security researcher" if you want to call him that works for a company called Telogis. I hear they are trying to get up to the race with Carrier IQ. What better way than to get the leader shut down and you quietly slip into the vacuum that is left behind. If you don't believe me check out the bloggers linked in
    profile.
    I think he was asked to do this as corporate espionage, and then they will control it all. Al bet a little differently.
    sanchanim