Researcher Shows How Secret App Installed On Smartphones Logging Everything [Video]

Android developer Trevor Eckhart produced a video of how the Carrier IQ software, secretly installed on millions of mobile phones, reports most everything a user does on its smartphone.

Security researcher  Trevor Eckhart  has posted a video detailing hidden software – known as Carrier IQ, which describes itself as “the world’s leading provider of Mobile Service Intelligence solutions – logs numerous details about users’ activities.

In a 17-minute video posted Monday on YouTube, Trevor Eckhart shows how the software – – logs every text message, Google search and phone number typed on a wide variety of smart phones – including HTC, Blackberry, Nokia* and others – and reports them to the mobile phone carrier.

The application, which is labeled on Eckhart’s HTC smartphone as “HTC IQ Agent,” also logs the URL of websites searched on the phone, even if the user intends to encrypt that data using a URL that begins with “HTTPS,” Eckhart said.

The software always runs when Android operating system is running and users are unable to stop it, Eckhart said in the video.

“Why is this not opt-in and why is it so hard to fully remove?” Eckhart wrote at the end of the video.

In a post about Carrier IQ on his website, Eckhart called the software a “rootkit,” a security term for software that runs in the background without a user’s knowledge and is commonly used in malicious software.

Eckhart’s video is the latest in a series of attacks between him and the company. Earlier this month, Carrier IQ sent a cease and desist letter to Eckhart claiming he violated copyright law by publishing Carrier IQ training manuals online. But after the Electronic Frontier Foundation, a digital rights group, came to Eckhart’s defense, the company backed off its legal threats.

The Electronic Frontier Foundation said the software that Eckhart has publicized “raises substantial privacy concerns” about software that “many consumers don’t know about.”

Carrier IQ could not immediately be reached for comment. But the company told Wired.com that its software is used for “gathering information off the handset to understand the mobile-user experience, where phone calls are dropped, where signal quality is poor, why applications crash and battery life.”

On its website, Carrier IQ, founded in 2005, describes itself as “the world’s leading provider of Mobile Service Intelligence solutions.”

*A Nokia spokeswoman said CarrierIQ does not ship products for any Nokia devices. UPDATE 1: Grant Paul, a well-known iPhone hacker who goes by the screenname “chpwn”, wrote on his blog that Apple has included Carrier IQ on the iPhone, but the software’s default is disabled. Senator Al Franken, concerned that Carrier IQ’s software may violate federal law, sent a letter to the company requesting an explanation of the software’s purpose.

Senator Al Franken sent an open letter to California-based Carrier IQ as smartphone titans Apple, Nokia, and Research In Motion (RIM) distanced themselves from the company’s controversial software.

“This is potentially a very serious matter,” Franken said in the letter.[Header photo via Telstra Corp/Flickr; Story via The Huff Post and Wired]

Share This article

We welcome comments that advance the story directly or with relevant tangential information. We try to block comments that use offensive language, all capital letters or appear to be spam, and we review comments frequently to ensure they meet our standards. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Coinspeaker Ltd.