Cell phones are one of the greatest double edged swords human being have ever invented. They’re incredibly convenient communication devices that not only allow the possessor to make and receive phone calls but also send and receive e-mails, text messages, instant messages from various services, and almost any other data communication you can think of. Due to the amount of personal information we put into these devices they also make the greatest spy gadgets ever invented as they have a microphone, list of contacts, your recent e-mail messages, your current and previous locations, and other similar types of data. Because of the latter rootkits installed on phones are far more dangerous than those installed on personal computers, which is why this is unnerving news to say the least:
You may recall from a few articles back that we started talking about something called CIQ or Carrier iQ. This is, essentially, a piece of software that is embedded into most mobile devices, not just Android but Nokia, Blackberry, and likely many more. According to TrevE, the software is installed as a rootkit software in the RAM of devices where it resides. This software basically is completely hidden from view and in it virtually invisible, and worst of all, rather complicated to kill (some devices more so than others and you will see why in a few minutes). This is given root like rights over the device, which means that it can do everything it pleases and you will have nothing to say about it.
Why do we go into this? Well, a while back I was having some conversations back and forth with TrevE regarding all the HTC’s PoCs that he has been working on, and he started wondering about CIQ, as according to him, was one of the worst things that he had found in HTC’s code. So, he decided to start digging a little into this and found out that there is much more to be said regarding this software than even manufacturers will dare say. It turns out that CIQ is not exactly what many people don’t see (as it is hidden), but it is rather a very useful tool for system and network administrators. The tools is used to provide feedback and relevant data on several metrics that can help one of the aforementioned admins to troubleshoot and improve system and network performance. Point and case, the app seems to run in such a way that it allows the user to provide the input needed via surveys and other things. To put things in a more visual way, this is what CIQ should look like
Carrier iQ is likely one of the most dangerous pieces of software in common use today. I do understand the great amount of benefit it gives to cellular providers but we all know anything accessible by said providers can also be access by the government, often without so much as a court order.
There is a second article that brings up some of the implications of this software being installed on many cell phones. To call such software a violation of privacy being too nice, it literally allows third parties to spy on your every move and potentially listen in to your conversations. Smart criminals would have abandoned cellular phones while performing their ill-deeds long ago but intelligent people never follow the mantra of, “if you’re not doing anything wrong you have nothing to fear” in regards to potential surveillance.
It doesn’t look as though there is much that can be done about Carrier iQ without giving up the convenience of smart phones. Still it is smart to be aware of this technology so you can make the decision of what is more important; have the ability to communicate almost anywhere or a stronger guarantee of privacy.