According to a developer on the XDA forums, TrevE, many Android, Nokia, and BlackBerry smartphones have software called
"Carrier IQ" that allows your carrier full access into your handset, including keylogging, which apps have been run, URLs that have been loaded in the browser, etc.
Trevor Eckhart, Justin Case, and Artem Russakovskii have
found and analyzed a frightening array of vulnerabilities related to HTC's customization of Android. From the article:
Any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:
the list of user accounts, including email addresses and sync status for each
last known network and GPS locations and a limited previous history of locations
phone numbers from the phone log
SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
(email not shown publicly) "Statistics are like a bikini. What they reveal is suggestive, but what they conceal is vital." -- Aaron Levenstein
Submitted a Story That Was Posted
MSDOS is not dead, it just smells that way.
-- Henry Spencer