Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Carrier IQ Vs. Wiretap Laws
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
RichF
RichF,
User Rank: Apprentice
12/2/2011 | 8:01:37 PM
re: Carrier IQ Vs. Wiretap Laws
I think that there is some confusion here. If you watch the video that Eckhart has released, on his HTC phone, the software was hidden under a filename starting with a letter H. So everyone out there has been looking for software with CIQ in the executeable name. I looked on my Verizon Smartphone, which is a Motorola Android 2 Global and it has no CIQ software on it. And Verizon swears that there is no CIQ malware on their phones, So is my phone clean? I don't think so. Looking carefully, I found a hidden app running un-noticed called KPI Logger. If you look at the information this application accesses, it appears to perform the same functions as the CIQ software. That KPI Logger app is branded Motorola, but on Eckharts demo, his CIQ software might have been branded HTC.

This isn't just an Apple problem, or an HTC Sprint problem. I suspect that all the carriers are using either licensed versions of the CIQ software or software witten by or for them by another company that accomplishes the same nastiness.
majenkins
majenkins,
User Rank: Apprentice
12/2/2011 | 1:28:46 PM
re: Carrier IQ Vs. Wiretap Laws
I don't think the data was ever being sent to Carrier IQ, at the most it was being sent to your carrier.

This is a terrible situation but you don't need to make to seem worse than it is.
majenkins
majenkins,
User Rank: Apprentice
12/2/2011 | 1:27:15 PM
re: Carrier IQ Vs. Wiretap Laws
When you say your personal computers do mean computers you owned or computers they owned? And please tell us what you were doing on company time that caused being monitored at work to ruin your life.
majenkins
majenkins,
User Rank: Apprentice
12/2/2011 | 1:22:23 PM
re: Carrier IQ Vs. Wiretap Laws
This sounds a lot like the Sony root-kit on music CDs issue from a few years ago and I suspect that in the end the carriers and Carrier IQ are going to have a lot of egg on their faces and are going to take a big public relations hit, if not something worse.
GCE
GCE,
User Rank: Apprentice
12/2/2011 | 12:17:05 AM
re: Carrier IQ Vs. Wiretap Laws
Why does SPRINT in my case need to know and log my personal financial information? Why does SPRINT need to log all of my keystrokes on my HTC EVO 3D smartphone? Why was I not told about this when I purchased the product? Why am I not allowed to turn Carrier IQ IQRD application off? What does SPRINT and Carrier IQ do with my personal text messages? When I contacted SPRINT Customer and Technical Support they told me there was nothing they could do to stop the application.
Number 6
Number 6,
User Rank: Apprentice
12/1/2011 | 11:10:31 PM
re: Carrier IQ Vs. Wiretap Laws
Look up Legal Intercept and CALEA. Governments often require backdoors.
japura941
japura941,
User Rank: Apprentice
12/1/2011 | 9:38:16 PM
re: Carrier IQ Vs. Wiretap Laws
Carrier IQ isn't just illegal spyware, it's a threat to the safety and security of our spouses and children. It opens the potential for Carrier IQ to sell all of our GPS coordinates and system authentication credentials to anyone or group who has the interest and the financial capacity.

With millions of these infected mobile devices in the hands of thousands of government workers, it then becomes a serious threat to our National Security! Password credentials to government systems and real-time GPS whereabouts of government workers can be very valuable and can easily fall into the hands of the wrong and malicious groups or enemies.
JZHOU000
JZHOU000,
User Rank: Apprentice
12/1/2011 | 9:09:34 PM
re: Carrier IQ Vs. Wiretap Laws
Omg, I hope they will pay for it, I worked for Verizon for a short time, the managers there song Lin, bilal wahid,... Installed spyware on all my personal computers, spy on my computer, spy on my PHONE, listen in my personal calls for 3 years now!!!!!!! I really hope they will get what they deserve, they destroyed my life.
dgilmore14601
dgilmore14601,
User Rank: Apprentice
12/1/2011 | 8:26:42 PM
re: Carrier IQ Vs. Wiretap Laws
As data (in this case voice data via a celluar phone) traverses the network from point A to B a myriad of carriers networks are touched. This is the world we live in. The concept of "privacy" exists only between the ears and I'm not so sure about that with the last developments in MRI technology. As long as we leverage the concept of static legal rights into dynamic technologies we will continue to "disappoint" someone.
oink444
oink444,
User Rank: Apprentice
12/1/2011 | 7:53:54 PM
re: Carrier IQ Vs. Wiretap Laws
While privacy is a huge issue in this case so is data billing we the customer is paying them to transfer your stuff which making our bills higher I want to know how offen and how much data is being transfered and be refunded back since the very start of this spy ring that everyone in the cell business knew of this . This has nothing to do with testing the network , a persons keystroke, text message and passwords dosn;t help them build a better network its all bull. Class action suit sign me up.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-30333
PUBLISHED: 2022-05-09
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVE-2022-23066
PUBLISHED: 2022-05-09
In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to tra...
CVE-2022-28463
PUBLISHED: 2022-05-08
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
CVE-2022-28470
PUBLISHED: 2022-05-08
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
CVE-2022-1620
PUBLISHED: 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.