Forgot your password?

Comment: Not exactly accurate... (Score 4, Interesting) 322

by djrbliss (#38213748) Attached to: Android Dev Demonstrates CarrierIQ Phone Logging Software On Video

Disclaimer: I have thoroughly reverse engineered CarrierIQ's software.

This issue has been blown out of proportion. CarrierIQ has hooks that respond to events triggered by keystrokes, web traffic, and SMS messages. It also makes the mistake of printing debugging output containing plaintext of some of this data, which is a pretty bad screwup. Additionally, there's no real reason CIQ should have hooks in those places in the first place.

What they don't do is actually store any of this information and report it to your carrier (keep in mind I know this because I actually looked at the application). In terms of what's actually being stored, I've seen no evidence that CIQ is collecting anything more than what they have publicly claimed: anonymized metrics data. That doesn't mean users shouldn't be able to opt-out of this software, since it still represents a potential risk to privacy. But at this point, this whole thing has turned into a witch hunt.

In short, there's a big difference between "look, it does something when I press a key!" and "it's storing all my keystrokes and sending them to my carrier!". This video demonstrates the first, but the second doesn't actually happen. They shouldn't be doing what they're doing, and users should be able to opt out, but this isn't nearly as evil as people are making it out to be.

2.4 statute miles of surgical tubing at Yale U. = 1 I.V.League