AAPL Stock: 117.81 ( -0.22 )

Printed from

Carrier IQ: any logging is the fault of HTC, other makers

updated 11:50 pm EST, Sat December 3, 2011

Carrier IQ puts attention back on phone firms

Carrier IQ followed up its technical discussion of how its system works with an implication that phone designers like HTC were compromising the security of its device tracking. In a chat with The Verge, marketing VP Andrew Coward was careful not to mention HTC by name but gave strong clues that a standard Android log file containing the normally unsaved information had to have been populated by HTC with the tracking data. HTC's software in this view was making copies of whatever the Carrier IQ programming interface saw.

The executive reiterated that the tracking only sits in RAM and is protected. It should only be viewable with Carrier IQ's own software. An app with strong permissions could read the standard log file, but this was an issue with Android, not Carrier IQ.

A worst-case exposure of the files would still leave data no more than a week old, Coward said. He had previously elaborated on this by mentioning that the tracking information was uploaded as sparingly once a week and included the last 24 hours of data up to that upload, making any week-old data itself just a small piece of the device's history.

HTC hasn't responded to the more direct accusation, but it has already said it was considering letting users opt out of tracking entirely. Other Android phone creators like Samsung have yet to fully take a stance. Apple, Nokia, and RIM have all said that they either stopped an already-limited use of Carrier IQ or never used it.

The core software is now generally thought to be benign and captures only anonymous carrier data, using any checks on keystrokes for short codes in voice or messaging. With carrier-badged Android phones not giving users a choice on whether they use Carrier IQ, however, it creates potentially very large security risks if the data escapes and hackers can assume that some phones are always vulnerable.

by MacNN Staff



  1. aussiearn

    Joined: Dec 1969



    So the worst case is the https data, which is suppose to be secure end to end, which Carrier IQ shows in plain text is only vulnerable for one week. Well I don't know about any one else but I sure feel better knowing that!!! Yes I am being sarcastic for those who are part of the literal-net!

  1. SockRolid

    Joined: Dec 1969


    "Blame the carriers, not us!"

    Carrier IQ is evidently quite the bunch of chickensh!ts. "Hey, we just write the software. Don't blame us if anybody out there actually uses it to collect data. Bad carriers! Bad carriers!"

  1. kavok

    Joined: Dec 1969



    Now the finger pointing begins. It was them not us! No it was the company, not the carriers. I hold them ALL responsible. It's the only way to find out what's really going on.

  1. The Vicar

    Joined: Dec 1969


    Yeah, sure.

    "But, your honor, I only mixed up the nitroglycerine, put it into the case, designed and built the detonator, and gave it to someone else to deliver. How can you hold me responsible for the bombing?"

  1. climacs

    Joined: Dec 1969


    @The Vicar

    well, by the logic of the gun lobby... bombs don't kill people, people kill people.

    Carrier IQ is simply following the NRA's example. They wrote the code, it's not their responsibility as far as what people do with it.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented