Finding and cleaning out your smartphone's Carrier IQ poison

Finding and cleaning out your smartphone's Carrier IQ poison

Summary: Millions of iPhones, Android and other smartphones have the Carrier IQ spyware rootkit in them. Here's how to find it and try to zap it.

SHARE:

Carrier IQ: The spyware Poison in your Phone

Carrier IQ: The spyware Poison in your Phone

Isn't it wonderful? It turns out that a spyware rootkit from a company called Carrier IQ is on hundreds of millions of Android and iOS smartphones and tablets. Only Windows Phone-powered smartphones seems to have avoiding this program that reports on almost everything you do with your phone.

In the case of iPhones, it appears that Apple bakes this snooper into every phone. With other smartphones, the carriers, such as AT&T and Sprint, add it into your phones' firmware before it gets into your hands.

Carrier IQ and the carriers aren't talking much about their snooping ways. In a press released published weeks ago Carrier IQ stated that,

Carrier IQ delivers Mobile Intelligence on the performance of mobile devices and networks (PDF Link) to assist operators and device manufacturers in delivering high quality products and services to their customers. We do this by counting and measuring operational information in mobile devices - feature phones, smartphones and tablets. This information is used by our customers as a mission critical tool to improve the quality of the network, understand device issues and ultimately improve the user experience. Our software is embedded by device manufacturers along with other diagnostic tools and software prior to shipment.

While we look at many aspects of a device's performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools. The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools. The information gathered by Carrier IQ is done so for the exclusive use of that customer, and Carrier IQ does not sell personal subscriber information to 3 rd parties. The information derived from devices is encrypted and secured within our customer's network or in our audited and customer-approved facilities.

Our customers [which are the telephone carriers] have stringent policies and obligations on data collection and retention. Each customer is different and our technology is customized to their exacting needs and legal requirements. Carrier IQ enables a measurable impact on improving the quality and experience of our customers' mobile networks and devices. Our business model and technology aligns exclusively with this goal.

In short, Carrier IQ is only providing network and end-point analysis tools, and what happens to your data they collect afterwards isn't their concern. We know however that, far from simply collecting anonymous data, according to Carrier IQ's own description of their Mobile Service Intelligence: "What's more, the combination of the MSIP and IQ Insight lets you move seamlessly from broad trend data across many users, through comparative groups down to diagnostic data from individual devices. Now, not only can you identify trends, you have the power to drill down to specific instances, giving you the insight your specialists need to make a difference. That is the power of Mobile Service Intelligence."

It all sounds so harmless... until you see among other things Carrier IQ's tools are capturing your text messages.

Yes, there will be times when to troubleshoot a problem with your smartphone, you're going to need to let your carrier look deeply into your network traffic. But, as a matter of course to let them snoop on your every click? And, the content of your messages!? I don't think so!

So what can you do?

With iPhones, which we know have the program in them, turning off Carrier IQ's service is easy if you're running iOS 5.x Just head to:

Settings > General > About > Diagnostics & Usage

and click "Don't Send" on.

On iOS3 or 4, I don't know of any current way to disable the service. If anyone does know, do share.

With Android phones, it's much trickier, but it can be done. First to see if Carrier IQ, or another remote logging program is running on your Android device, you need to root your phone. How you do that varies wildly from phone to phone. The "easiest" way to do this is to do a Google search for "How to root Your_specific_Phone."

Then get a copy of Trevor Eckhart's latest version of his Logging Test App. This program is not available on any Android app. store. It's an Android application package (APK). To install this, or any other APK app, you need to first download and install an apps installer, like my personal favorite, Infolife's Easy Installer.

Then download Logging Test to your SD card. For some reason when I tried to download it directly to my phone, the download kept failing. So, I ended up downloading the program first to my PC, and then e-mailed it to myself on my phone as an attachment.

No matter how you get it there when you try to install it, you may get several warning messages about allowing the installation of an application from an unknown source is not recommended. Go ahead and set your phone to allow an application to be installed from an unknown source. After you're done installing Logging Test you can reset it to the safer setting that insists that an application comes from a known app store before it can be installed.

Once the program is installed, simply click the CIQ Checks button. In a few moments you'll know if you have the Carrier IQ spy on your phone or if your data's been safe from it.

This is what you want to see from the test: A clear screen.

This is what you want to see from the test: A clear screen.

In my case, with a Motorola Droid 2 phone running Android 2.3 on the Verizon network, I'm pleased to report that Carrier IQ wasn't present. According to Verizon, that's exactly how it should be. In a GigaOM report, Verizon Wireless spokesperson Jeffrey Nelson said, "Any report that Verizon Wireless uses Carrier IQ is patently false."

And, this is what you don't want to see. Carrier IQ at work.

And, this is what you don't want to see: Carrier IQ at work.

If you do have it, you'll need to pay $1 for an Android market key and Logging Test will try to zap it for you. This may, or may not, work. Reboot the program and re-run Logging Test to see if it worked.

This is a lot of trouble. Hopefully, the carriers will soon make it simple to disable Carrier IQ for those of us who really don't want to share everything we do on our phones with our phone companies.

Related Stories:

HTC rootkit discovered phoning home with user data

How to disable the Carrier IQ 'rootkit' on your iPhone

So, there's a rootkit hidden in millions of cellphones

7 questions that Carrier IQ needs to address immediately

Topics: Android, Google, Mobility, Networking, Security, Smartphones, Telcos

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

179 comments
Log in or register to join the discussion
  • RE: Finding and cleaning out your smartphone's Carrier IQ poison

    sucks !!! How do i get it off Androi Samsung Galaxy S ???
    rgriffin1@...
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      @rgriffin1@... <br>Here's an easy way to get rid of it and all the snooping and spying of your most secret and intimate text messages, emails, and phone calls.<br>Get a windows phone 7 device, you'll be very happy you did cause in addition to having privacy, you'll have THE BEST user experience there is on a mobile phone.<br><br>HEY STEVEN J VAUGHAN-NICHOLS , HOW ABOUT UPDATING YOUR ARTICLE TITLE TO SAY <br><br>Finding and cleaning out your smartphones Carrier IQ poison, except on Windows Phone.<br><br>No doubt if it were windows phone that had the issue, you'd write the headline like this:<br><br>Finding and cleaning out your Windows Phone's Carrier IQ poison, except on the iphone, of course. <br><br>(as if the iphone is immune to all things bad, well that's what the majority of its users believe anyway, great marketing job Apple).<br><br>BTW is that windows mobile device in the HTC phone photo in the article? If so that should be changed to an iphone or an android phone. Of course you won't do that though.
      mikroland2.0
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @mikroland2.0 LOL, no kidding!
        The Douginator
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @mikroland2.0
        Except we have no idea what MS is running on those phones. Probably something worse than Clear IQ.
        abc123a
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @mikroland2.0

        my thoughts exactly! It seems to be done to mislead us into visiting this article.
        reefsalt
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @mikroland2.0 -- <br>I have a Samsung Omnia 7 (running WP7) and I love it.<br>I loved it for the clean smooth live UI, pitch black screen and long battery. And now I love it for the clean internals as well.<br><br>And on top of that I know that the OS can auto-update itself, no rootkits and special hacks necessary if such a problem will appear in future. <br><br>But for rgriffin1@ that solution will cost money. Plus the Windows Phones don't have 2 processors so for a user driven by hardware specs like one buying top of the line Galaxy it will fill like a downgrade. (Please dont open the discussion "WP7 doesn't need 2 processors" - I know it believe me! :-) ).<br><br>So back a solution for rgriffin1@ is (will lose warranty maybe but the Galaxy phone is good, so no big deal)<br><br> Download Logging Checker <br><a href="http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110" target="_blank" rel="nofollow">http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110</a><br><br> Get Logging Checker Pro Key <br><a href="https://market.android.com/details?id=com.treve.loggingkey" target="_blank" rel="nofollow">https://market.android.com/details?id=com.treve.loggingkey</a><br><br>The keylogger might not be there - the checks done by the tool should tell you (it depends on carrier, I think Verizon in US doesn't have it for example)<br><br>The tool (wrote by the good hacker/ethical that discovered and provided public the keylogger in the first place) can also remove it, or attempt to remove it (might not work in some cases accordingly to the dev that wrote it). If it doesn't remove it you can install a clean OS image, there are some links on web how to do this.
        Ben.U
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @mikroland2.0 That would get rid of Carrier IQ but then substitute it for Microsoft's own version - or were you just going to gloss over the fact that WP7 devices report that same information to Microsoft?

        Oh and the FIRST device SJVN mentioned that had the Carrier IQ thing was the iPhone - and it's fairly easy to disable if for some reason the user actually enabled it as it is OFF by default on the iPhone. But that fact would have screwed up both your rant and SJVN's article.
        athynz
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      this links can help you

      http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110
      http://blog.chpwn.com/post/13572216737?831dd5c8
      Slavomeer
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      @rgriffin1@... Another way is to root the device and use cyanogenmod7.
      athynz
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      @rgriffin1@...
      I have to say this was very bad journalism. People ran with this story with out looking at it themselves.
      Below are articles which make more sense then the sky is falling.
      For those who are interested in some technical details, i would like to suggest the following:
      http://www.dailytech.com/Article.aspx?newsid=23483&amp;red=y#736483
      Also
      http://vulnfactory.org/blog/2011/12/05/carrieriq-the-real-story/

      i think it will elevate a lot of the stress and panic people are feeling.
      sanchanim
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      @rgriffin1@...
      Just a word of caution since non technical people read ZDNet. If you root your phone and run a Custom ROM then you void your warranty and if you have a problem making calls or anything else you will not get support from your carrier. I have had friends who wound up with really nice expensive bricks! For the rest of you who like to work on your phones rock on!!!!
      Some of the custom ROMs if from someone good increase performance an I would even be willing to say are more secure. That isn't event counting for Carrier IQ.
      sanchanim
  • Clearing out the foul Carrier IQ

    Thank you - 96% of respondents want out - that is democracy for you!
    ngukurr2
    • You're probably right...

      @ngukurr2
      ...but somehow, I doubt you're relying on poll data.
      John L. Ries
      • As right as they get...

        @John L. Ries
        If he did, he'd be the only one doing so - I'm assuming integrity here, and not just picking a poll that per chance suits the statement out of a thousand that don't.
        BabThooka
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      @ngukurr2

      This stuff shouldn't have been installed on the phone in the first place. ANYTHING like this program should be an additional opt-in, not opt-out thing.
      Lerianis10
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @Lerianis10

        Why does this come as a surprise? This is exactly what you should expect from a company like google! Look how painful this process is to remove from your phone! MS doesn't even use this crap or want it on their OS because it's poison straight out of the box! Why would you ship a phone with a root-kit? C'mon now...I want control of my device like I have control of my PC! Google and Apple could learn a few things from this but they won't!
        Rob.sharp
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @rob.sharp@...

        wha?!? And you think there are no rootkits on windows? Say hello to Sony who did it not once but multiple times even after class action lawsuits. Even worse was that one of sony's rootkits was destructive if you tried to remove it when it was first discovered. And some users had their HD died on them from the rootkit itself.

        You can't blame the OS creators for the rootkits any more than you can blame someone who built a house and the house became a target of arson.
        rengek
      • RE: Finding and cleaning out your smartphone's Carrier IQ poison

        @rob.sharp "This is exactly what you should expect from a company like google!"<br><br>Please READ THE POST! It is not a Google thing. It placed by individual carriers, not Google. I should know better but I keep assuming that people who comment do read and not just report their predjucies.
        kdjkdj@...
    • RE: Finding and cleaning out your smartphone's Carrier IQ poison

      @ngukurr2 <br>Mine has been set to do not send for a long time - the application continues to collect the info - If apple ever really needs to help me with a service issue, all I have to do is change it to send for that one issue then turn it off again. No big deal.
      dan@...
  • RE: Finding and cleaning out your smartphone's Carrier IQ poison

    Every American should be incensed. This is a slippery slope to improper spying.
    "Eternal vigilance is the price of liberty."
    hedson