started last week as a relatively minor controversy over one company's tracking of smartphone users' behavior has ballooned into a full-fledged scandal. The curious digging of developer and researcher Trevor Eckhart revealed that an application called Carrier IQ (CIQ) has been logging and transmitting a ton of information about what people are doing with their phones, including personal data like phone numbers dialed, URLs visited and the content of text messages. First the Electronic Frontier Foundation came to Eckhart's defense after CIQ sent a cease-and-desist letter to the developer. Now U.S. Senator Al Franken is demanding answers from CIQ.What
The controversy initially swirled around Android-based smartphones from a variety of manufacturers. Last night, iPhone hacker Chpwn reported that he had found traces of CIQ in Apple's iOS operating system, although what he found looks less alarming than what Eckhart initially saw elsewhere.
What Can Carrier IQ See on the iPhone?
The only data Chpwn could see being accessed by CIQ on the iPhone were things like the carrier, country, active phone calls and physical location (assuming location services are turned on). He did not find things like message content or any keystroke-logging type of activity. Whatever the app does log, it appears that it only works when the phone is in diagnostic mode, so preventing the data from being transmitted is no insurmountable task.
Chpwn's findings were verified by the Verge, who said they located a file called IQAgent and spotted references to the URL collector.sky.carrieriq.com on an iOS device. Exactly what kinds of data the iPhone is collecting or transmitting is not exactly clear, but so far it looks like it's fairly minimal.
After the scandal heated up for about 24 hours, Apple put out a statement saying that they haven't logged personal information using Carrier IQ and that they're actually in the process of removing the software from iOS. Whether or not that decision had already been made, now looks a good time to axe the program, especially considering Apple's history with iPhone privacy controversies.
What Exactly is Carrier IQ and Why is it a Big Deal?
In all the freaking out going on about Carrier IQ, it would easy to assume that this is some kind of large-scale espionage program targeted at consumers for the benefit of large corporations or even curious government officials. In reality, Carrier IQ is intended to be used a diagnostic tool to help carriers and device manufactures optimize their networks and hardware.
That may well be true, but what Eckhart discovered last week goes well beyond diagnostics and may even constitute large-scale wiretapping of the type that citizens and government officials could be prosecuted for.
This is an evolving story and as the EFF and Senator Franken have made clear, Carrier IQ has a list of questions to answer. We trust that between those inquiries and the continued diligence of hackers and mobile security experts, a more thorough picture will be painted over the days and weeks to come.