Hardware 2.0

Adrian Kingsley-Hughes

So, there's a rootkit hidden in millions of cellphones

By Adrian Kingsley-Hughes | December 1, 2011, 6:20am PST

Summary: Rootkit found in Android, Symbian, BlackBerry, webOS and even iOS handsets … but not Windows Phone handsets.

RoboForm: Learn more...

iPhone owners: Here’s how to disable the Carrier IQ ‘rootkit’ on your handset.

So, it seems that there is a rootkit hidden in millions of Android, Symbian, BlackBerry, webOS and even iOS handset that logs everything we do.

WHAT?!?!?!

[UPDATE: According to Nokia, 'CarrierIQ does not ship products for any Nokia devices.']

The rootkit belongs to a company called Carrier IQ and it seems that it has low-level access to the system that allows it to spy on pretty much everything that you do with your handset. This, on the face of it, seems like an extremely serious breach of security, privacy and trust.

The capabilities of the rootkit were first discovered by 25-year-old Trevor Eckhart.

Here’s a video showing how everything, including text messages and encrypted web searches, are being logged. It’s truly horrifying.

NOTE: At this point there is no evidence to suggest that keystroke data is being transmitted from the handset.

According to Carrier IQ the company is ‘not recording keystrokes or providing tracking tools.’ The video above seems to suggest otherwise.

When Eckhart initially labeled the software as a rootkit, Carrier IQ threatened him with legal action. Only when the Electronic Frontier Foundation stepped in did the company back off from this threat.

“Every button you press in the dialer before you call,” Eckhart says on the video, “it already gets sent off to the IQ application.”

Like I said earlier, there’s a version of Carrier IQ on Apple’s iOS, but it doesn’t seem to be quite the same and doesn’t seem to access as much information. Also, if you want to disable Carrier IQ on your iOS 5 device, turning off Diagnostics and Usage under Settings seems to be enough.

You might have noticed that I didn’t list Windows Phone 7 OS earlier. That’s because it seems that Windows Phone handsets don’t have Carrier IQ installed.

Here’s a video that explains some more about Carrier IQ. This video also contains a clip from a video by Carrier IQ’s vice president of marketing explaining how the company sees this as being completely legal.

There are a LOT of unanswered questions. I’m expecting an avalanche of press releases from a lot of carriers and handset makers over the next few days.

Here’s a video by Carrier IQ CEO Larry Lenhart describing the benefits of their technology. According to Lenhart, Carrier IQ doesn’t record keystrokes and doesn’t provide tracking tools:

[UPDATE: Some carriers and makers are already coming out with details.]

Poll

Carrier IQ ... do you want it removed from your handset?

Poll

Do you believe that you opted-in or consented to Carrier IQ logging?

What are your thoughts on this?

Related:

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

Topics

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

Talkback Most Recent of 93 Talkback(s)

  • RE: So, there's a rootkit hidden in millions of cellphones
    Needs to be gone immediately. I was considering buying an Android phone to replace my iPhone 4, specifically a Samsung Galaxy SII Skyrocket. But I'm not touching an Android phone until this is resolved.
    ZDNet Gravatar
    rshol
    4 hrs ago
  • Froze it with Titanium Backup
    My Evo is rooted, so I used Titanium Backup to "freeze" HTC IQagent and IQRD. The processes no longer show in OS Monitor.
    ZDNet Gravatar
    dougsyo@...
    3 hrs ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @dougsyo@...

    Freezing those two apps doesn't even come close to removing CIQ. It runs as a native linux service and their are hooks to it in several of the core android system files. Removing it is tedious but possible. If you really want it removed, you need to load a cuistom ROM with CIQ removed from all of the core android files.
    ZDNet Gravatar
    toadlife
    57 minutes ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @rshol "Rootkit found in Android, Symbian, BlackBerry, webOS and even iOS handsets but not Windows Phone handsets."

    SO youll buy a WP7 instead cuz iPhones too have this..
    ZDNet Gravatar
    pepe-el-Toro
    56 minutes ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @rshol

    Buy a Windows Phone instead! Nokia is coming to the states in early 2012. Hobble along on your IOS garbage until then or jump ship for one of the nice HTC/Samsung offerings available now.
    ZDNet Gravatar
    rob.sharp@...
    44 minutes ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @rshol I phone has it too. See AOL today.
    ZDNet Gravatar
    thegreenwizard1
    30 minutes ago
  • Don't buy a locked phone!
    @rshol
    1. Seriously, don't buy locked phones.

    2. Don't sign contracts with mobile phone service providers that lock you into using just their service.

    I have never trusted the big telecoms providers. The rootkit is put in by the mobile phone service provider to track your activities and ultimately to sell you more stuff. This works alongside an electronic lock that prevents you from using another provider's SIM (subscriber identity module) in your device.

    The service providers we tolerate here in rip-off Britain are particularly scummy. They fleece their locked-in users up to GBP1.50 (about two bucks US) a minute should you wish to use your mobile phone, say in France or Germany. Actually, I'm gobsmacked that the EU Competition Commission has let them get away with this horrendously uncompetitive practice for so long - but back to the plot...

    My solution is simple. Buy cheap unbranded, unlocked mobile phones from China (dirt cheap via eBay). These are usually quadbanders that will run on any SIM, anywhere on the planet that has a mobile phone mast within a few km. Means you can mix & match your SIMs, so you make you calls at the best price. Also means it is much, much harder for the scumbag telecoms providers to collect any meaningful data about you.

    My current favourite is the waterproof Chinaphone watch phone W818 (google it) - way cooler (and cheaper) than anything Apple makes IMHO. But there are shed loads of others. Stick your current SIM(s) in it and you're free!

    Best wishes, G.
    ZDNet Gravatar
    mrgoose
    14 minutes ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @rshol It's not just android.... I knew something like this was going on. The other day I went to dial my phone (it was low on memory) and I noticed it opened an internet connection and sent some data before it would dial. Right then I knew something was up. I figured out a way to block it and tried dialing and got a dialing error, but then the call went through. I googled the error and nobody had figured this out. I was going to put it on the debugger and watch it and see what it did. Glad this guy reported it with evidence. I'm hoping some attorney picks this up and sees CLASS ACTION written all over it. (motorola droid 1)
    ZDNet Gravatar
    dbeecher@...
    15 minutes ago
  • You better wait with the upgrade until next year, because
    @rshol: ... with this SGS2 choice you are actually downgrading in some key areas -- for example, screen resolution there is twice lower than on iPhone 4.

    But next year Samsung might actually produce screen that could compete with 2010's resolution of iPhone, and then you would be able to buy new phone without downgrading characteristics.

    Also, Apple will present iPhone 4G, and it will have more sense to upgrade from iPhone 4 comparing to upgrading from your phone to iPhone 4S now -- since, obviously, characteristics will differ more significantly.
    ZDNet Gravatar
    dderss
    14 minutes ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    Google and its evil empire is spreading via android and chrome... Initially it was drug pharmacy ads. Next they killed small business and ate their lunch, now they are charging for maps... Its no wonder lot of cellular carriers want to sell android and not WP7 phones, beacuse they can't do their malware activites with WP7. Its time to dump all google products.
    ZDNet Gravatar
    owlnet
    4 hrs ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @owlnet Microsoft has its own root kit. It is called Microsoft telemetry data. Which the phones end back to the mothership on a regular basis.
    ZDNet Gravatar
    Rick_Kl
    3 hrs ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @Rick_Kl - only if you explicitly allow it.
    ZDNet Gravatar
    bitcrazed
    3 hrs ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @Rick_Kl
    You know this because you wrote it for Microsoft, and thats how you are able to retire early and lead a luxury life. We got it.
    ZDNet Gravatar
    Rama.NET
    3 hrs ago
  • RE: So, there's a rootkit hidden in millions of cellphones
    @Rick_Kl

    Only if you allow it. It can be disabled in the settings menu.
    ZDNet Gravatar
    Cylon Centurion
    3 hrs ago
  • Can you disable the iPhone rootkit like you can
    @Rick_Kl
    the Microsoft telemetry data?
    ZDNet Gravatar
    William Farrell
    29 minutes ago

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

White Papers, Webcasts, & Resources