Friday, December 16, 2011

The Carrier IQ Conspiracy

Madison Ruppert, Contributing Writer
Activist Post

Just weeks ago Trevor Eckhart, a security researcher and Android operating system developer, discovered a mysterious process running in the background of his Android-based device.

This program turned out to be Carrier IQ, or CIQ, and specifically the IQ Agent which is installed on mobile devices from all major carriers before they reach the consumer, totaling some 150 million phones, mostly in the United States.

The software is billed as a diagnostic tool which allows cellphone carriers to “better understand how mobile devices interact with and perform on their network,” according to an official Carrier IQ document that attempts to dispel what they bill as rumors and unfounded concerns of consumers and researchers.

The document is somewhat opaque and esoteric for those of us not familiar with the terminology and technology at work in these highly complex systems but some of it is quite easy to understand.

In the second paragraph of the introduction we read, “We want to thank Trevor Eckhart for sharing his findings with us through a working session that helped us to identify some of the issues highlighted in this report.”

This gives the impression that Carrier IQ was happy to see the findings of Eckhart and what he uncovered, but this is far from reality.

Eckhart discovered that the software was integrated with Android at the deepest levels and was able to monitor, record, and transmit even the most private data and interactions with the device.


He alleged that it could monitor every single individual keystroke and every interaction with the screen for that matter, along with encrypted Internet browsing sessions and searches, GPS data, network data, battery data, among other pieces of information which many people would likely like to keep private.

Instead of praising Eckhart and working closely with him as the introductory paragraph might have you believe, Carrier IQ sued Eckhart for copyright infringement because he made publicly available training materials accessible to interested parties, where otherwise they might not have been able to find them on the Carrier IQ website.

The Electronic Frontier Foundation, or EFF, stepped in on Eckhart’s behalf and countered their frivolous legal threat – clearly intended to silence Eckhart and stifle his research – after which Carrier IQ withdrew their threat entirely.

(Infographic credit: Eletronic Frontier Foundation)
The EFF has produced a simplified, but not dumbed-down, explanation of Carrier IQ and how exactly it operates, which you can read here.

For those who are interested in learning more about this program, which is likely active on your device if you own a smartphone, this brief article is an absolute must read.

Carrier IQ continues to maintain their innocence and claim that the software does not record keystrokes (and thus the content of every email, text message, or anything else you might type), but Eckhart’s research shows otherwise.

The second video released by Eckhart (seen here) clearly shows the software doing things that Carrier IQ claims it does not, along with others who seek to defend this technology and the erosion of privacy in the digital age.

As a result of Eckhart’s findings, lawsuits have been filed against Carrier IQ, HTC, Samsung, Apple, AT&T, Sprint Nextel, T-Mobile, and Motorola, alleging that it breaches the Federal Wiretap Act, Stored Electronic Communications Act, and the Computer Fraud and Abuse Act.

Despite the company’s insistence to the contrary, the suit alleges that, “[i]n addition to collecting device and service-related data, Carrier IQ’s software can collect data about a user’s location, application use, Web browsing habits, videos watched, texts read and even the keys they press.”

The establishment media has come to the aid of their corporate cronies, citing so-called experts who “debunked” Eckhart’s findings.

Declan McCullagh, chief political correspondent for CNET (which is owned by CBS Interactive and is thus part of the “big six”) and Dan Rosenberg, a supposed security expert allegedly debunked Eckhart’s findings, although their evidence is hardly compelling.

“The application does not record and transmit keystroke data back to carriers,” Rosenberg said, adding that after reverse-engineering the software he found that, “there is no code in Carrier IQ that actually records keystrokes for data collection purposes.”

What is his proof? Well, nothing other than CNET’s claim that Rosenberg “analyzed the assembly language code with a debugger that allowed him to look under the hood.”

We are simply supposed to believe this because he has discovered security vulnerabilities in various systems in the past; after all, no one has ever misrepresented the truth for monetary compensation, right?

They also point to another “well-known security expert” named Rebecca Bace who claims that Carrier IQ gave her access to the company’s engineers and internal documents.

“I’m comfortable that the designers and implementers expended a great deal of discipline in focusing on the espoused goals of the software–to serve as a diagnostic aid for assuring quality of service and experience for mobile carriers,” Bace said.

That’s all well and good, but the proof is in the pudding; and here they’re just telling us that they have pudding somewhere – you just don’t get to see it or verify the veracity of the existence of the pudding.

After all, they’re the experts and we’re just supposed to take their word for it. I guess they missed the appeal to authority fallacy in their studies – or lack thereof – of logic.

Carrier IQ doesn’t even seem to be able to keep the story straight, with their Vice President Andrew Coward claiming that his statement in Wired was a misquote in which he said the software could read text messages.

However, during the interview he did clearly say that carriers are able to collect data that would be able to determine the exact person who is using the phone, what programs they are running, when they charge the battery, what calls they make and where, etc.

His statements are hardly reassuring, even if the claim that the Carrier IQ software does not function as a keylogger is true, which is hardly clear at this stage.

Coward and Carrier IQ have found themselves in a bit of an imbroglio, with Coward saying, “One of the lessons we’ve had from this … clearly we should not have done that cease and desist.”

“What may have been the right response three or four years ago may not be the right response for now and … and we apologized … we did not expect that we would need to be so open and transparent about everything… We recognized as the crisis kind of developed that that was required for us to clear our name. That was a huge learning process,” Coward told CNET.

I find it absolutely astounding that he apparently thinks they would never have to be open and transparent about what their software is collecting and for what purposes.

I guess Coward never thought that it would be discovered and exposed in the first place, so no contingency plan had been created to deal with the massive fallout which we are now witnessing.

When asked about their competitors, Coward said that they only offer over-the-air downloadable software, whereas the Carrier IQ software is embedded into the device to make it not only hard to detect, but nearly impossible for any regular user to remove or control.

It gets even more interesting when we consider the fact that Coward (who was identified by The Washington Post as the senior vice president for marketing, a different title than what was given by CNET) revealed, “This week Carrier IQ sought meetings with the FTC and FCC to educate the two agencies … and answer any and all questions,” while adding that he was “not aware of an official investigation.”

Meanwhile, anonymous FTC officials said that they were conducting an inquiry into Carrier IQ and a spokeswoman for the FTC would not confirm or deny an investigation.

However, a public relations contractor for Carrier IQ named Mira Woods told The Washington Post in an email, “We are complying with all investigations at this time as we have nothing to hide … We have been completely transparent through this process.”

Later Woods requested that “investigations” be changed to “inquiries,” likely because the statement implies that there are indeed investigations going on currently with which they are complying.

Woods said, “We sought the meetings with the FCC and FTC in the interest of transparency and full disclosure,” thereby claiming that they sought out the meetings and thus were not an investigation.

In an official statement issued later in the day, Carrier IQ said, “This week Carrier IQ sought meetings with the FTC and FCC to educate the two agencies about the functionality of its software and answer any and all questions. Although Congressman Edward J. Markey (D-Mass.), co-Chairman of the Bi-Partisan Congressional Privacy Caucus, has asked the Federal Trade Commission (FTC) to investigate the practices of Carrier IQ, we are not aware of an official investigation into Carrier IQ at this time.”

The situation gets even more interesting and complex when we consider the Federal Bureau of Investigations (FBI) and their involvement in this debacle.

When Michael Morisy, a reporter for MuckRock News, filed a Freedom of Information Act (FOIA) request for “manuals, documents or other written guidance used to access or analyze data” which was obtained through any Carrier IQ program, the FBI denied the request because it was considered “law enforcement records.”

In response to Morisy’s request, the FBI wrote, “The information you requested is located in an investigative file which is exempt from disclosure.”

Paul Bresson, spokesman for the FBI, would not comment – meaning he would neither confirm nor deny, which in itself is a tacit confirmation – on if an investigation into Carrier IQ was ongoing or if they were utilizing the software for surveillance purposes of their own.

For anyone remotely familiar with issues like this, the phrase “plausible deniability” leaps to mind.

In addressing the FBI’s connection to Carrier IQ, the company said that the data gathered by the software are “not designed for law enforcement agencies and to our knowledge [have] never been used by law enforcement agencies.”

However, this means little to nothing in today’s America in which the PATRIOT Act can gag anyone from speaking of the warrants or investigations conducted by the federal government.

Even if they had knowingly handed over data to the FBI or DHS, or perhaps built the software for that purpose from day one, they likely would be prevented from ever confirming that fact or even hinting at it.

In another statement Carrier IQ claimed, “Carrier IQ [has] no rights to the data gathered and [has] not passed data to third parties. Should a law enforcement agency request data from us, we would refer them to the network operators. To date and to our knowledge we have received no such requests.”

Once again, if they had received such requests, it is very likely the case that they wouldn’t be able to speak about it.

It is clear that it is not the innocent diagnostics tool they would like to make it out to be, as the official responses from some companies have shown.

In an official statement, Sprint said, “We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc. using this tool.”

The wording of this statement does, however, imply that the software is capable of doing these things, they just “do not and cannot” view it themselves.

Apple’s statement is most interesting, as they clearly indicate that the software is not only capable of recording keystrokes, but also is capable of recording messages or other personal information.

“We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages, or any other personal information for diagnostic data and have no plans to ever do so,” the statement said.

The details surrounding Carrier IQ are still quite fuzzy at this point but it is clear that it is not just a diagnostic tool collecting anonymous information to make our user experience better.

Like so much Big Brother technology, it is billed under one purpose and yet is capable of so much more.

Another trend we see repeating here is the constant contradictions, confusion, and misinformation or even disinformation pumped out by the establishment media and their “experts.”

I will continue to follow this story and write future articles about it as more information becomes available and a clearer picture begins to emerge.

Suffice to say, I’m not ignorant or na├»ve enough to think that this isn’t being used to collect private, sensitive data from millions of devices across the United States which is then funneled to centralized government databases.

It would be nice to think this wasn’t the case, but I would have to throw out literally everything I have learned in my research, all of which is based on irrefutable facts which one has to either delusionally refuse to pay attention to, or accept as a reality of the global police state control grid under which we currently live. 

This article first appeared at End the Lie 

Madison Ruppert is the Editor and Owner-Operator of the alternative news and analysis database End The Lie and has no affiliation with any NGO, political party, economic school, or other organization/cause. He is available for podcast and radio interviews. If you have questions, comments, or corrections feel free to contact him at admin@EndtheLie.com


BE THE CHANGE! PLEASE SHARE THIS USING THE TOOLS BELOW


BE THE CHANGE! PLEASE SHARE THIS USING THE TOOLS BELOW


If you enjoy our work, please donate to keep our website going.

12 comments:

mapi said...
This comment has been removed by the author.
mapi said...

"In-Q-Tel: A New Partnership
Between the CIA and the Private Sector":

Readers should check out the link to the CIA which details Carrier IQ's relationship with them:

Why was In-Q-Tel Created?

The Agency’s leadership recognized that the CIA did not, and could not, compete for IT innovation and talent with the same speed and agility that those in the commercial marketplace, whose businesses are driven by "Internet time" and profit, could. The CIA’s mission was intelligence collection and analysis, not IT innovation. The leadership also understood that, in order to extend its reach and access a broad network of IT innovators, the Agency had to step outside of itself and appear not just as a buyer of IT but also as a seller. The CIA had to offer Silicon Valley something of value, a business model that the Valley understood; a model that provides those who joined hands with In-Q-Tel the opportunity to commercialize their innovations. In addition, In-Q-Tel’s partner companies would also gain another valuable asset, access to a set of very difficult CIA problems that could become market drivers. Once the Agency’s leadership crossed these critical decision points, the path that led to In-Q-Tel’s formation was clear.

https://www.cia.gov/library/publications/additional-publications/in-q-tel/index.html

Anonymous said...

There really is no clean phone, the problem is the way the networks themselves function. If every tower on the network looked for every phone getting a call there wouldn't be enough bandwidth and would cost too much, so they track every phone real-time to see which towers have the best signal quality to send you your call, data, or texts.

As long as your phone is connected to the network, your phones microphone, camera, GPS, and it's contents are available to anyone who wants them. Worse yet your phone is nothing more than an open book to someone with a laptop and an antenna.

We've spent years researching the problem and have compiled a series of news reports that clearly lay out the problem, including the fact that turning your phone off doesn't cut it said at the end of the clips by ABC, FOX, Local network affiliates.

See for yourself: www.Thecaseforprivacy.com/blogs/news

mapi said...

Three of the four major cellular providers — AT&T, T-Mobile and Sprint — have said they use the company’s software in line with their own privacy policies. A Verizon spokesman said the program is not on any of the company’s mobile devices. Apple has said it would remove Carrier IQ from i­Phones in a future software update.

http://www.washingtonpost.com/business/economy/feds-probing-carrier-iq/2011/12/14/gIQA9nCEuO_story.html

Anonymous said...

IN EVERY WAY ORGANIZE NOW!
Hey, Activist Post, what’s the matter, something wrong with my comment post?
How can you call yourselves Activist Post, if you refuse to take ACTION?
Second(2nd) attempt!
KNOW YOUR ENEMIES
THE FACES OF THE BEAST
THE NEW WORLD ORDER IMPERIALISTS and
THEIR “OPERATIVES”

LIONS, TIGERS AND BEARS, OH MY;
LIARS, THIEVES AND MURDERERS, OH MY!

Did the cry’s and pleas from the victim of rape stop the rapist?
NO.
Nor, will any of your pleas or cry’s for justice be answered; so don’t cry, just act against the perpetrator’s of the injustice; period

“One cannot ask a crooked arrow,
to fly straight.” ~FranCisco d Nostromo

Current probable "OPERATIVE” list:

Declan McCullagh, chief political correspondent for CNET (which is owned by CBS Interactive and is thus part of the “big six”)

Dan Rosenberg, a supposed security expert

Rebecca Bace,“well-known security expert”

Andrew Coward, Carrier IQ, Vice President

Mira Woods, public relations contractor for Carrier IQ

Paul Bresson, spokesman for the FBI, would not comment – meaning he would neither confirm nor deny, which in itself is a tacit confirmation – on if an investigation into Carrier IQ was ongoing or if they were utilizing the software for surveillance purposes of their own.

This list of names, was compiled from the article:
The Carrier IQ Conspiracy by Madison Rupert
EACH and EVERY ARTICLE should produce the names of:
THE NEW WORLD ORDER IMPERIALISTS and THEIR probable "OPERATIVES”;
It is time to compile;
“THE LIST OF YOUR ENEMIES”

I’m told, If one is not a part of the solution, one is part of the problem!
Cisco d

Anonymous said...

How do you remove Carrier IQ software from your smart phone?

Anonymous said...

Any device or software that is on the market, that is "convenient" for the user should be suspected of also possibly being a means of data mining for the surveillance community. It would be naive for us to think that the intelligence gathering agencies wouldn't be taking advantage of such an excellent source of information. Let the market create the technology and then make deals that the companies cannot refuse. This was nothing but a win-win situation for both the CIA and the companies that created the software.

Anonymous said...

They say they had a meeting; they say it was an investigation or an inquiry. But, what if the secret is that the makers of Carrier IQ did so because of a secret mandate of what the gov't wanted these devices to enable them to do? And what if the "investigation" is really a huddle with them trying to decide: what to do, and how to spin it now that they've been outed? I don't trust these bastards. They can take their whole wireless comms system and choke on it for all I care.

Anonymous said...

I'd like to respond the the Anonymous question above which asks: How do you remove Carrier IQ software from your smart phone.

Easy.
If you have a tool kit at home, then there's probably a common claw hammer in it.
Step one: Set the phone on a solid surface, and with the hammer, give it a couple firm hits. Don't noodle wrist it.
Step two: Do not ever fall to the temptation to have one of these little beauties again. They are a nice toy, but the downsides are too many to make them worth it.

Anonymous said...

Ever heard of Echelon. They have been tapping our phones for years, and always will. They see all of us as terrorists and a threat to their grip on power.

Anonymous said...

I check by myself the software, and its scary, the information is send to a third party servers in CarrierIQ, and you cannot disable, even if you don't have a 3G, this use Wifi if its available. And the traffic is huge, meaning its more than diagnostic info.

Anonymous said...

great tool to plant incriminating data on your phone if they want to set you up!!!!

Post a Comment