Finding and cleaning out your smartphone's Carrier IQ poison

Millions of iPhones, Android and other smartphones have the Carrier IQ spyware rootkit in them. Here's how to find it and try to zap it.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

Carrier IQ: The spyware Poison in your Phone

Carrier IQ: The spyware Poison in your Phone

Isn't it wonderful? It turns out that a spyware rootkit from a company called Carrier IQ is on hundreds of millions of Android and iOS smartphones and tablets. Only Windows Phone-powered smartphones seems to have avoiding this program that reports on almost everything you do with your phone.

In the case of iPhones, it appears that Apple bakes this snooper into every phone. With other smartphones, the carriers, such as AT&T and Sprint, add it into your phones' firmware before it gets into your hands.

Carrier IQ and the carriers aren't talking much about their snooping ways. In a press released published weeks ago Carrier IQ stated that,

Carrier IQ delivers Mobile Intelligence on the performance of mobile devices and networks (PDF Link) to assist operators and device manufacturers in delivering high quality products and services to their customers. We do this by counting and measuring operational information in mobile devices - feature phones, smartphones and tablets. This information is used by our customers as a mission critical tool to improve the quality of the network, understand device issues and ultimately improve the user experience. Our software is embedded by device manufacturers along with other diagnostic tools and software prior to shipment.

While we look at many aspects of a device's performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools. The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools. The information gathered by Carrier IQ is done so for the exclusive use of that customer, and Carrier IQ does not sell personal subscriber information to 3 rd parties. The information derived from devices is encrypted and secured within our customer's network or in our audited and customer-approved facilities.

Our customers [which are the telephone carriers] have stringent policies and obligations on data collection and retention. Each customer is different and our technology is customized to their exacting needs and legal requirements. Carrier IQ enables a measurable impact on improving the quality and experience of our customers' mobile networks and devices. Our business model and technology aligns exclusively with this goal.

In short, Carrier IQ is only providing network and end-point analysis tools, and what happens to your data they collect afterwards isn't their concern. We know however that, far from simply collecting anonymous data, according to Carrier IQ's own description of their Mobile Service Intelligence: "What's more, the combination of the MSIP and IQ Insight lets you move seamlessly from broad trend data across many users, through comparative groups down to diagnostic data from individual devices. Now, not only can you identify trends, you have the power to drill down to specific instances, giving you the insight your specialists need to make a difference. That is the power of Mobile Service Intelligence."

It all sounds so harmless... until you see among other things Carrier IQ's tools are capturing your text messages.

Yes, there will be times when to troubleshoot a problem with your smartphone, you're going to need to let your carrier look deeply into your network traffic. But, as a matter of course to let them snoop on your every click? And, the content of your messages!? I don't think so!

So what can you do?

With iPhones, which we know have the program in them, turning off Carrier IQ's service is easy if you're running iOS 5.x Just head to:

Settings > General > About > Diagnostics & Usage

and click "Don't Send" on.

On iOS3 or 4, I don't know of any current way to disable the service. If anyone does know, do share.

With Android phones, it's much trickier, but it can be done. First to see if Carrier IQ, or another remote logging program is running on your Android device, you need to root your phone. How you do that varies wildly from phone to phone. The "easiest" way to do this is to do a Google search for "How to root Your_specific_Phone."

Then get a copy of Trevor Eckhart's latest version of his Logging Test App. This program is not available on any Android app. store. It's an Android application package (APK). To install this, or any other APK app, you need to first download and install an apps installer, like my personal favorite, Infolife's Easy Installer.

Then download Logging Test to your SD card. For some reason when I tried to download it directly to my phone, the download kept failing. So, I ended up downloading the program first to my PC, and then e-mailed it to myself on my phone as an attachment.

No matter how you get it there when you try to install it, you may get several warning messages about allowing the installation of an application from an unknown source is not recommended. Go ahead and set your phone to allow an application to be installed from an unknown source. After you're done installing Logging Test you can reset it to the safer setting that insists that an application comes from a known app store before it can be installed.

Once the program is installed, simply click the CIQ Checks button. In a few moments you'll know if you have the Carrier IQ spy on your phone or if your data's been safe from it.

This is what you want to see from the test: A clear screen.

This is what you want to see from the test: A clear screen.

In my case, with a Motorola Droid 2 phone running Android 2.3 on the Verizon network, I'm pleased to report that Carrier IQ wasn't present. According to Verizon, that's exactly how it should be. In a GigaOM report, Verizon Wireless spokesperson Jeffrey Nelson said, "Any report that Verizon Wireless uses Carrier IQ is patently false."

And, this is what you don't want to see. Carrier IQ at work.

And, this is what you don't want to see: Carrier IQ at work.

If you do have it, you'll need to pay $1 for an Android market key and Logging Test will try to zap it for you. This may, or may not, work. Reboot the program and re-run Logging Test to see if it worked.

This is a lot of trouble. Hopefully, the carriers will soon make it simple to disable Carrier IQ for those of us who really don't want to share everything we do on our phones with our phone companies.

Related Stories:

HTC rootkit discovered phoning home with user data

How to disable the Carrier IQ 'rootkit' on your iPhone

So, there's a rootkit hidden in millions of cellphones

7 questions that Carrier IQ needs to address immediately

Editorial standards