The Carrier IQ conspiracy

By End the Lie

Just weeks ago Trevor Eckhart, a security researcher and Android operating system developer, discovered a mysterious process running in the background of his Android-based device.

This program turned out to by Carrier IQ, or CIQ, and specifically the IQ Agent which is installed on mobile devices from all major carriers before they reach the consumer, totaling some 150 million phones, mostly in the United States.

The software is billed as a diagnostic tool which allows cellphone carriers to “better understand how mobile devices interact with and perform on their network,” according to an official Carrier IQ document which attempts to dispel what they bill as rumors and unfounded concerns of consumers and researchers.

The document is somewhat opaque and esoteric for those of us not familiar with the terminology and technology at work in these highly complex systems but some of it is quite easy to understand.

In the second paragraph of the introduction we read, “We want to thank Trevor Eckhart for sharing his findings with us through a working session that helped us to identify some of the issues highlighted in this report.”

This gives the impression that Carrier IQ was happy to see the findings of Eckhart and what he uncovered, but this is far from reality.

Eckhart discovered that the software was integrated with Android at the deepest levels and was able to monitor, record, and transmit even the most private data and interactions with the device.

He alleged that it could monitor every single individual keystroke and every interaction with the screen for that matter, along with encrypted internet browsing sessions and searches, GPS data, network data, battery data, among other pieces of information which many people would likely like to keep private.

Instead of praising Eckhart and working closely with him as the introductory paragraph might have you believe, Carrier IQ sued Eckhart for copyright infringement because he made publicly available training materials accessible to interested parties, where otherwise they might not have been able to find them on the Carrier IQ website.

The Electronic Frontier Foundation, or EFF, stepped in on Eckhart’s behalf and countered their frivolous legal threat – clearly intended to silence Eckhart and stifle his research – after which Carrier IQ withdrew their threat entirely.

(Infographic credit: Eletronic Frontier Foundation)

The EFF has produced a simplified, but not dumbed-down, explanation of Carrier IQ and how exactly it operates, which you can read here.

For those who are interested in learning more about this program, which is likely active on your device if you own a smartphone, this brief article is an absolute must read.

Carrier IQ continues to maintain their innocence and claim that the software does not record keystrokes (and thus the content of every email, text message, or anything else you might type), but Eckhart’s research shows otherwise.

The second video released by Eckhart (seen here) clearly shows the software doing things that Carrier IQ claims it does not, along with others who seek to defend this technology and the erosion of privacy in the digital age.

As a result of Eckhart’s findings, lawsuits have been filed against Carrier IQ, HTC, Samsung, Apple, AT&T, Sprint Nextel, T-Mobile, and Motorola, alleging that it breaches the Federal Wiretap Act, Stored Electronic Communications Act, and the Computer Fraud and Abuse Act.

Despite the company’s insistence to the contrary, the suit alleges that, “[i]n addition to collecting device and service-related data, Carrier IQ’s software can collect data about a user’s location, application use, Web browsing habits, videos watched, texts read and even the keys they press.”

The establishment media has come to the aid of their corporate cronies, citing so-called experts who “debunked” Eckhart’s findings.

Declan McCullagh, chief political correspondent for CNET (which is owned by CBS Interactive and is thus part of the “big six”) and Dan Rosenberg, a supposed security expert allegedly debunked Eckhart’s findings although their evidence is hardly compelling.

“The application does not record and transmit keystroke data back to carriers,” Rosenberg said, adding that after reverse-engineering the software he found that, “there is no code in Carrier IQ that actually records keystrokes for data collection purposes.”

What is his proof? Well, nothing other than CNET’s claim that Rosenberg “analyzed the assembly language code with a debugger that allowed him to look under the hood.”

We are simply supposed to believe this because he has discovered security vulnerabilities in various systems in the past, after all no one has ever misrepresented the truth for monetary compensation, right?

They also point to another “well-known security expert” named Rebecca Bace who claims that Carrier IQ gave her access to the company’s engineers and internal documents.

“I’m comfortable that the designers and implementers expended a great deal of discipline in focusing on the espoused goals of the software–to serve as a diagnostic aid for assuring quality of service and experience for mobile carriers,” Bace said.

That’s all well and good but the proof is in the pudding and here they’re just telling us that they have pudding somewhere – you just don’t get to see it or verify the veracity of the existence of the pudding.

After all, they’re the experts and we’re just supposed to take their word for it. I guess they missed the appeal to authority fallacy in their studies – or lack thereof – of logic.

Carrier IQ doesn’t even seem to be able to keep the story straight, with their Vice President Andrew Coward claiming that his statement in Wired was a misquote in which he said the software could read text messages.

However, during the interview he did clearly say that carriers are able to collect data which would be able to determine the exact person who is using the phone, what programs they are running, when they charge the battery, what calls they make and where, etc.

His statements are hardly reassuring, even if the claim that the Carrier IQ software does not function as a keylogger is true, which is hardly clear at this stage.

Coward and Carrier IQ have found themselves in a bit of an imbroglio, with Coward saying, “One of the lessons we’ve had from this … clearly we should not have done that cease and desist.”

“What may have been the right response three or four years ago may not be the right response for now and … and we apologized … we did not expect that we would need to be so open and transparent about everything… We recognized as the crisis kind of developed that that was required for us to clear our name. That was a huge learning process,” Coward told CNET.

I find it absolutely astounding that he apparently thinks they would never have to be open and transparent about what their software is collecting and for what purposes.

I guess Coward never thought that it would be discovered and exposed in the first place, so no contingency plan had been created to deal with the massive fallout which we are now witnessing.

When asked about their competitors, Coward said that they only offer over-the-air downloadable software, whereas the Carrier IQ software is embedded into the device to make it not only hard to detect but nearly impossible for any regular user to remove or control.

It gets even more interesting when we consider the fact that Coward (who was identified by The Washington Post as the senior vice president for marketing, a different title than what was given by CNET) revealed, “This week Carrier IQ sought meetings with the FTC and FCC to educate the two agencies … and answer any and all questions,” while adding that he was “not aware of an official investigation.”

Meanwhile, anonymous FTC officials said that they were conducting an inquiry into Carrier IQ and a spokeswoman for the FTC would not confirm or deny an investigation.

However, a public relations contractor for Carrier IQ named Mira Woods told The Washington Post in an email, “We are complying with all investigations at this time as we have nothing to hide … We have been completely transparent through this process.”

Later Woods requested that “investigations” be changed to “inquiries” likely because the statement implies that there are indeed investigations going on currently with which they are complying.

Woods said, “We sought the meetings with the FCC and FTC in the interest of transparency and full disclosure,” thereby claiming that they sought out the meetings and thus were not an investigation.

In an official statement issued later in the day, Carrier IQ said, “This week Carrier IQ sought meetings with the FTC and FCC to educate the two agencies about the functionality of its software and answer any and all questions. Although Congressman Edward J. Markey (D-Mass.), co-Chairman of the Bi-Partisan Congressional Privacy Caucus, has asked the Federal Trade Commission (FTC) to investigate the practices of Carrier IQ, we are not aware of an official investigation into Carrier IQ at this time.”

The situation gets even more interesting and complex when we consider the Federal Bureau of Investigations (FBI) and their involvement in this debacle.

When Michael Morisy, a reporter for MuckRock News, filed a Freedom of Information Act (FOIA) request for “manuals, documents or other written guidance used to access or analyze data” which was obtained through any Carrier IQ program, the FBI denied the request because it was considered “law enforcement records.”

In response to Morisy’s request, the FBI wrote, “The information you requested is located in an investigative file which is exempt from disclosure.”

Paul Bresson, spokesman for the FBI, would not comment – meaning he would neither confirm nor deny, which in itself is a tacit confirmation – on if an investigation into Carrier IQ was ongoing or if they were utilizing the software for surveillance purposes of their own.

For anyone remotely familiar with issues like this, the words “plausible deniability” leap to mind.

In addressing the FBI’s connection to Carrier IQ, the company said that the data gathered by the software are “not designed for law enforcement agencies and to our knowledge [have] never been used by law enforcement agencies.”

However, this means little to nothing in today’s America in which the PATRIOT Act can gag anyone from speaking of the warrants or investigations conducted by the federal government.

Even if they had knowingly handed over data to the FBI or DHS, or perhaps built the software for that purpose from day one, they likely would be prevented from ever confirming that fact or even hinting at it.

In another statement Carrier IQ claimed, “Carrier IQ [has] no rights to the data gathered and [has] not passed data to third parties. Should a law enforcement agency request data from us, we would refer them to the network operators. To date and to our knowledge we have received no such requests.”

Once again, if they had received such requests, it is very likely the case that they wouldn’t be able to speak about it.

It is clear that it is not the innocent diagnostics tool they would like to make it out to be, as the official responses from some companies have shown.

In an official statement, Sprint said, “We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc. using this tool.”

The wording of this statement does, however, imply that the software is capable of doing these things, they just “do not and cannot” view it themselves.

Apple’s statement is most interesting, as they clearly indicate that the software is not only capable of recording keystrokes, but also is capable of recording messages or other personal information.

“We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages, or any other personal information for diagnostic data and have no plans to ever do so,” the statement said.

The details surrounding Carrier IQ are still quite fuzzy at this point but it is clear that it is not just a diagnostic tool collecting anonymous information to make our user experience better.

Like so much Big Brother technology, it is billed under one purpose and yet is capable of so much more.

Another trend we see repeating here is the constant contradictions, confusion, and misinformation or even disinformation pumped out by the establishment media and their “experts.”

I will continue to follow this story and write future articles about it as more information becomes available and a more clear picture of what this is really up to begins to emerge.

Suffice it to say, I’m not ignorant or naïve enough to think that this isn’t being used to collect private, sensitive data from millions of devices across the United States which is then funneled to centralized government databases.

It would be nice to think this wasn’t the case but I would have to throw out literally everything I have learned in my research, all of which is based in irrefutable facts which one has to either delusionally refuse to pay attention to the information or accept as a reality of the global police state control grid under which we currently live.

Top Search Terms Used to Find This Page:

7 Responses to The Carrier IQ conspiracy

  1. Alex December 15, 2011 at 5:20 PM

    There’s just one big problem here with your analysis of Eckhart’s video… you make the same mistake that others did in simply assuming that the debug log file you were looking at was created by the Carrier IQ software.

    It wasn’t.

    It was created by separate debug software installed on that phone (which should have been disabled before going to customers). That software isn’t made by or related to Carrier IQ. It tracked various activities on the phone including keystrokes as well as activities of Carrier IQ. If you watch that video again, you’ll see that the lines where keystrokes were listed didn’t include mention of Carrier IQ.

    Reply
    • Liberty December 16, 2011 at 2:10 AM

      how much does CIQ pay you?

      Reply
    • oblivious citizen December 23, 2011 at 3:40 PM

      Fucking shill.

      Reply
  2. Mark December 16, 2011 at 3:29 AM

    SMASH YOUR PHONE!

    Reply
  3. PAGAU December 16, 2011 at 10:04 AM

    This is one market that really needs the open-source model for personal security in the software. At least with my PC I can control what is running on it. Why not with mobile devices? Because the wireless carrier controls the terminal units? No! Take control of the terminals away from the carriers and give it to the people. They did it with ma-bell in the eighties, they can do it with the wireless carriers. It is monopoly control over markets that allows this kind of thing to happen.

    Reply
  4. Jo January 15, 2012 at 4:11 PM

    dump your phone unless you’d like to volunteer to get tracked and watched 24/7

    literally no phone is safe thanks to e911

    Reply
  5. Jake Roberts March 6, 2012 at 4:18 AM

    Keep it real. Take it back…

    Reply

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Advertise on End the Lie

Would you like to have your business or service exposed to thousands of people every day here at End the Lie? We have a wide variety of options available all at unbeatable prices. At the same time you will be supporting a truth-oriented alternative news outlet as well as hardworking independent journalists across the United States and the world.

If you would like to know more please email us and please be sure to include the details of what you are advertising, what your budget is and what type of advertising format you are looking for, including size(s), length of advertising period and any other pertinent details. The more information you give us, the more accurate the quote will be. We might also be able to work out some unique advertising tailored to your needs so feel free to contact us with questions and ideas.

Note: our advertisers have absolutely no input in what we cover or how we cover it. If this is problematic, you might want to seek out another news outlet. Here at End the Lie we put the truth first and thus no sponsor will be able to control our content. We reserve the right to refuse service to anyone and we will not advertise pornography, gambling, drugs, alcohol, tobacco or anything that might otherwise be illegal.