The recent revelation that most of us are carrying around smartphones with embedded rootkits is both surprising and not so surprising. It's surprising because it makes you wonder, "How stupid can the carriers be?" It's not surprising in that we know the answer to that.
Here's what the furor is all about: Back in March an Android software developer using the alias "k0nane" noticed something odd: His Sprint-supplied Samsung smartphone included some fairly well hidden software which was always started when the device was booted and was always kept running. Moreover, it was very hard to stop the code.
A bit more sleuthing revealed that the software is called Carrier IQ (supplied by a company of the same name) and is intended to provide wireless service providers with data about the performance of smartphones for planning and diagnostic purposes.
Unfortunately the depth of Carrier IQ's data collection isn't restricted to stuff that cell carriers could reasonably want to know. Oh no. The software can collect much more and relay it back to the Carrier IQ mothership.
In other words, this software is an out-and-out rootkit: a piece of code designed to stay hidden and capable of monitoring everything that happens on a smartphone, including tracking which applications are run and for how long, as well as logging texts and email sent, numbers dialed, XML data read, Web pages loaded ... you name it, Carrier IQ can detect and log it.
Initially the complete picture of what Carrier IQ could do was unclear, but one of its consequences was not: The code sucked up significant cycles, and killing it off made a significant improvement to the device's battery life!
Over the following months people started to examine Carrier IQ in greater depth and discovered that its implementation was designed to be stealthy and that each vendor had customized the implementation on their own devices. As for what data was collected, that was driven by the carrier sending commands remotely to the devices!
If you are running enterprise IT and care about security and privacy, the revelation that all of your smartphones are effectively loaded with an all-powerful, vendor-sanctioned rootkit has got to be pretty sobering. Not only has your carrier intentionally included a backdoor without telling you, but it has also created a potential entry point for hackers and malware that could capitalize on the logging services.
While collecting performance data makes sense for carriers, it's the scope of the data that can be acquired that has everyone so spun, and - and this is the biggie - the fact that you have not given your consent for this data to be collected!
What is the legal risk to all of the carriers that have deployed this software? They are guilty of the federal crime of unauthorized wiretapping and violation of privacy!
The enormity of this whole mess is just starting to become clear, as the list of devices Carrier IQ can be found embedded on includes products from Samsung, HTC, Nokia and RIM. According to the Carrier IQ web site, something north of 141 million smartphones are running its software! Can you say "class action"?
When there's such minimal real competition in the service provider market and such minimal external oversight on what the carriers can do, this is what happens. Anyone who thinks that the carriers don't need regulation and that the "free market" organically solves these kinds of problems is living in a dream world.
Gibbs has his data collected in Ventura, Calif. Tell him where you are spied upon at firstname.lastname@example.org.
This story, "How Stupid Can Cell Carriers Be? Really Stupid" was originally published by Network World.