To sum up the video for those too lazy to watch it or too confused by it, Carrier IQ is an app that logs keystrokes, browser queries and who knows what else to either archive or transmit these somewhere. While other apps can normally be deactivated the usual way, CIQ is apparently designed to embed itself into the OS and cannot be disabled or removed via normal methods.
Why is this scary or illegal?
Logging keystrokes (ie. keylogging) is essentially copying exactly what you type into your gadget, and yes that includes passwords to email, credit card info and payment gateways, and since this is a phone, even the numbers you dial. Archiving browser queries is also downright illegal since these, especially those that are https (the 's' meaning secure), should never be privy to anyone other than you and your device.
What's more is that Carrier IQ transmits this data to who - knows - where, effectively obfuscating itself via long terms of agreements we've learned a long time ago to blindly agree to and ignore (effectively shifting the blame to ourselves).
Apparently there are methods to disable and remove it, but most people will never care to / have the time to / even care. This is clearly what the people who designed and implemented CIQ wanted, this is what riles me up, and this is what takes me back to why I appreciate Open Source.
And the thing about it is that its not even well - implemented. If the programmers were really serious about leaving a backdoor keylogger into a device you can go deeper and build it into the very core of the operating system, or maybe even deeper - via a chip or some hardware level solution that can do same or even more.
Instead, it's built on top of the OS layer, free for someone as observant and diligent as Mr. Eckhart (the guy who made the video) to catch and make a video about. I've no doubt many others also figured this out or at least wondered why there was an app they couldn't disable. At the moment it has already been seen 1.2M times and for sure, people are raising hell or at the very least already re - thinking their next gadget purchases.
Personally I'm not big into mobile and find the pursuit of these trivial, reserved for the idle rich, and contrary to my 3rd world conservative values. Smartphones are actually a much smaller market than their Press Releases would have you believe, particularly because of the prohibitive cost.
There's no doubt however that mobile holds promise, especially with the way manufacturers like Cherry, Huwei and MyPhone are pricing theirs, so tainting it with malicious apps like CIQ isn't going to help this market any as well.
I can't believe what a FAIL this, and all sorts of other examples of built - in hacks on other devices are. I just hope people can strap their brains on even a little bit to stop worshipping devices long enough and ask themselves if they should still want gadgets the manufacturers of which wants to get your personal data so much they resort to this.
- ‹ previous
- next ›
| 16 of 272 |
Post new comment