What's really going on with Carrier IQ on your phone

By , Network World |  Security, Carrier IQ, privacy

* HTTP request sent, or response received (the URL, request type, content length, and so on, but not page contents)

* network state changes, sending an "internal identifier"

* a range of telephony and radio events (such as a dropped call, service issues, and so on)

* hardware event, sending data such as voltage, temperature, battery level

* key presses, but only in the phone dialer application

* miscellaneous GUI state changes, such as battery state

* starting or receiving a call or a failed call, which sends CallerID, state, and phone number

* application events such as a stopped app, or a new app, sending the application name

* questionnaire event, used when Carrier IQ is configured to present the user with a service questionnaire

* SMS message received or sent, which includes message length, phone number, status, but no text from the body of the message.

According to Bace, this data is kept only temporarily and is protected by a number of mechanisms. The data from these metrics is stored by CIQ in small, circular memory queues that are repeatedly and frequently overwritten. "This is by design to allow the diagnostic routine in question to retain state, which is necessary for them to diagnose any but the most trivial of problems," she says. "I've seen lots of these as a common feature of security monitoring tools, with which I've worked for decades.... The length of time buffers are retained can vary, as specific events may occur rarely, but they're cleared when uploaded by carriers or else periodically as part of system housekeeping."

Much of CIQ's real-time processing is about converting raw data collected from user-controllable interfaces, and stored in the queues, into anonymized status fields, such as battery levels of a phone over reporting intervals or the number of bad connections with the cell system in a given time frame. These fields are converted into status flags and uploaded on demand, or when status fields are full, or on a schedule specified by the carrier. "[N]othing bound to [the] user is written to storage," Bace says.

Rosenberg's categorical insistence that Carrier IQ "cannot" read SMS text messages, among other things, directly contradicts what many bloggers, developers and others have said is shown in the Eckhart video.


Originally published on Network World.