01
Dec
vzlogo

Verizon Wireless: Carrier IQ Is Not On Our Phones

Posted by in News, Verizon Wireless

If you're a Verizon Wireless customer and concerned about Carrier IQ, it looks like you can leave your worry at the door. Verizon's Jeffery Nelson confirmed via Twitter to The Verge's Joshua Topolsky that Verizon phone are free of CIQ, and that this "was made clear two weeks ago."

2011-12-01 09h50_20

So, if you're on Big Red and have been feeling panic-ey thinking about CIQ or digging through your running processes looking for IQRD, you can rest your weary mind - Papa VZW has your back. The only thing that could make me happier now is an official Galaxy Nexus release date.

29
Nov
carrierIQ

How Deep Does The Rabbit Hole Go? An In-Depth Look At Carrier IQ, The Data It Logs, And What's Really Going On

Posted by in Android OS, News
Last Updated: January 17th, 2012

Lately, we've talked a lot about Carrier IQ, the "service" that hides itself in the background of an unknown number of Android devices, harvesting information and sending it back to carriers. While it's still unclear how deep the rabbit hole actually goes, the dev who discovered it, TrevE, is still digging in search of the answer. His latest findings may shine a bit of light on the subject, and I can promise you one thing: it's not pretty.

CIQ's Cloak of Invisibility

If you want to build an app that is designed to harvest the data of unknowing customers, there's a good chance that it's going to be well-hidden.

23
Nov
image

Carrier IQ Drops Legal Threats, Apologizes To Developer Trevor Eckhart

Posted by in Legal, News

Trevor Eckhart, a developer involved in uncovering a huge security vulnerability that affected several HTC devices, was recently threatened by Carrier IQ (CIQ), a company involved in gathering various forms of user data and sending it to carriers or manufacturers for analysis. For those who haven't  been following the story, here's what happened:

Trevor Eckhart found several training manuals on CIQ's website. These were publicly available. Trevor shared them with the community, explaining just how far-reaching CIQ's data collection practices are. At this point, CIQ became aware of the fact that sensitive information had been exposed, and pulled the files from their website.

21
Nov
logo_carrieriq

EFF Defends Android Dev Trevor Eckhart From Carrier IQ's Bogus Legal Threats After Exposing Phone Data Logging

Posted by in Android OS, Legal, News

If you don't know who Trevor Eckhart is, you might remember a little piece we published earlier this year about a massive HTC data vulnerability caused by the company's data-logging operations. Trevor was the guy who found that vulnerability and did almost all of the legwork in investigating it. Since then, Trevor has been hard at work looking at more mobile data logging applications used by various manufacturers, including one written by a company called Carrier IQ.

CIQ, as it's more commonly known, harvests various user data from its host device and sends it back to carriers or manufacturers for analysis and record-keeping purposes.

01
Oct
image

Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails Addresses, Much More

Posted by in EVO 3D (Shooter), EVO 4G (Supersonic), HTC, News, Thunderbolt (Mecha), Videos
Last Updated: January 17th, 2012

I am quite speechless right now. Justin Case and I have spent all day together with Trevor Eckhart (you may remember him as TrevE of DamageControl and Virus ROMs) looking into Trev's findings deep inside HTC's latest software installed on such phones as EVO 3D, EVO 4G, Thunderbolt, and others.

These results are not pretty. In fact, they expose such ridiculously frivolous doings, which HTC has no one else to blame but itself, that the data-leaking Skype vulnerability Justin found earlier this year pales in comparison. Without further ado, let me break things down.

The Vulnerability

Update 10/4/11: HTC posted a public response promising a patch.

Page 2 of 212