Thursday, December 01, 2011

CarrierIQ: Your SmartPhone Is Spying On You

I've been tweeting about his for days, but it is now big enough that this issue requires a blog post. Independent security researchers (and hackers) have discovered a rootkit installed to most smart phones sold by the major American cellular carriers. Called CarrierIQ, this rootkit monitors and captures nearly everything you do on your smart phone including your location, every phone number you call, every web request you make, every key you type, and every App that you run. It has been found on Android phones, WebOS phones, BlackBerry phones, and other Nokia phones. It is unclear what information is actually being sent to each carrier, but there is the capability here for your carrier to literally know everything you do with your smartphone, whether you're on their network or on Wifi.

(Apple iPhones appear to have less-extreme version that tightly controls what is gathered and can be turned off in the Settings app. It is important to note that Google's stock Android phones (Google Nexus line, etc.) are clean of this rootkit. It is being added by manufacturers and carriers.)

This scandal is still blowing up, and it is unclear what the final fallout will be. But it appears your wireless carrier - in the name of improving service - may have been spying on nearly every aspect of your online life.

NOTE: To turn off CarrierIQ on your iPhone, go to Settings, General > About > Diagnostics & Usage, click "Don't Send". If you want to see what is being sent, check out "Diagnostic & Usage Data" instead. (At this point, I am leaving mine set to "Automatically Send."

No comments: