[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 16/12/11 19:43, Grant Phillips-Sewell wrote: > There are plenty of tools on Android to either detect or remove > CarrierIQ already. Also, just because a mobile platform *can* run > CarrierIQ doesn't mean that your phone has it. I've already tested my > as-yet-unrooted-and-still-running-the-stock-ROM HTC Sensation on > Vodafone (from Phones4U) and it doesn't have C-IQ on it. > > Grant. > Exactly. I've got to admit to being a bit nonplussed at all the nerd rage and furore regarding the CarrierIQ stuff recently: I mean, seriously, is anyone actually surprised at this? Particularly on any non-100% free software mobile telephony stack (and there are exactly NONE of these: the firmware blobs on the SoC, the baseband, etc are all closed/proprietary even on linux phones like the Nokia N900) there's a lot of room for the carriers and manufacturers to put all kinds of unknown code, for good and 'bad' purposes. Mostly CarrierIQ is used for the equivalent of SNMP by the network providers: *shock horror*, complex network operators need copious diagnostic information on the millions of devices using their infrastructure! Who would have thought it! Whatever next: ISPs using traffic shaping and monitoring tools for clients using their networks? Especially when it's government mandated for state-surveillance programs which we've all known about for years. Duh. As for all the conflicting data about whether or not keystrokes can be logged - regardless of whether this is true or not, 90%+ of PC users have government mandated backdoors in their windows operating systems allowing for complete interception of all data, including keystrokes. In the modern dystopian panopticon society, how the hell can anyone be surprised that their non endpoint-to-endpoint PGP encrypted communications aren't secure? CarrierIQ is the biggest non-surprise, non-event ever to hit telephony. Modern communications and communication devices are not secure. News at 11. On the plus side, I've been making a tidy sum rooting/reflashing iPhones and Androids for a few years now and this seems to have just driven demand up which suits me fine with Christmas coming. It also allows me to be smug: despite being an enormous geek, I still just use an ancient Nokia dumb phone with a disposable PAYG SIM. And guess what? Even with no internet access, location services or advanced features, my network provider can still intercept every byte of voice and SMS information that flows over their system from me. They can also pinpoint my location with GSM triangulation. I really, really don't understand why people are making such a big deal out of this. Don't get me wrong, I do think it sucks but seriously, this is all not surprising. Cynically, Mat -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq