Carrier IQ

Carrier IQ

In the movie V for Vendetta big brother went to nearly any length possible to obtain information so they could better understand, control, and manipulate the people. Unfortunately there is a possibility that this is occurring in real life. That is where Carrier IQ (CIQ) comes into play. CIQ is a private company that was established in 2005 in Mountain View, CA. They claim to give cell phone analytical diagnostics to the mobile industry. CIQ goes on to say that their product is implanted in over 150 million devices. What is upsetting is that the actual owner of the phone usually has no idea that potentially their personal information is being broadcasted to their carrier. That is why throughout this article we will explore what is CIQ, what are the risks of having it, and how to remove it?

What is  Carrier IQ?

Carrier IQ is comprised of 5 software products. What these products are marketed to do is to take basic analytics in order to get a basis of information and then create key performance indicators (KPIs) to better help with functionality of that product and future products as well. One piece of software in particular is CIQ’s IQ Agent. IQ Agent is embedded on many phones in order to gain metrics key parts of firmware and overall performance. IQ Agent is a completely an incognito app. That means it runs entirely in the background. Therefore when the user runs a task killer for Android IQ Agent wont pop up.  Consequently the user will be unaware that their diagnostic information is being sent back to their cell phone carrier.

Things continue to get harrier with this beast. Due to IQ Agent’s incredibly powerful ability to send out information from a device, a mass amount of data is created that has to be compiled and made sense out of. Well, you guessed it; there is more software for that. CIQ has a piece of software titled MSIP that stands for Mobile Service Intelligence Platform. MSIP compiles data from a multitude of phones and tablets to make KPIs. With this information in hand carriers are then able to make educated determinations as to what the service is like for the user, and make altercations as necessary. Overall Carrier IQ seems to make some sense, but is it just a front being put up by the Mountain View company as things are about to take a twist.

What are the risks about it?

On November 12,2011 software engineer Trevor Eckhart made a stunning development that pulled the covers off of Carrier IQ. Mr. Eckhart uncovered that CIQ’s software could track users location via GPS as well as comprehensive keystroke logging. All this with out the phone owner even knowing! When CIQ discovered Mr. Eckhart’s post on androidsecuritytest.com they became furious. Within 5 days they sent Mr. Eckhart a cease and desist letter claiming copyright infringement. Mr. Eckhart didn’t back down, but instead fought back by summoning the powers of the Electronic Frontier Foundation (EFF). The EFF is a digital right advocatory association centered in the United States. Now with some backup, Mr. Eckhart unleashed a YouTube video demonstrating how CIQ’s software can log everything from text messages to browser data. Basically, anything done on ones phone could potentially be transmitted. Due to the actions taken by Trevor Eckhart a multitude of legal action has been taken against CIQ. While everything seems to be following its course, as it should, what can you do about it? Or more importantly how can one get rid of CIQ from their Android?

How to remove it?

The old adage detection is key couldn’t be more true for finding out whether or not your phone is infected with CIQ. Fortunately the development community is on top of this. There are a host of detection apps out there to let the user know whether or not you’ve been infected. While most do a good job, Voodoo Carrier IQ Detector seems to set the curve. That app was developed by developer Supercurio who has a history on releasing content that is on the cutting edge. There is no root access needed to run these detection apps. Additionally, it’ll provide insight if more steps need to be taken.

In the event your phone is infected then there are a few ways to go about deleting CIQ from your phone. But before we get started all of these methods require root access to ensure deletion of the infection. The first way to go about doing so is through the app Logging TestApp. The main app can be downloaded from XDA-developers forum, and the pro version can be bought through the Play Store. Either one you decide to go with should covered you. Logging TestApp not only gets rid of CIQ, but it also gets rid of HTC Checkin and Google Checkin finally getting big brother of your back. This app is superb for giving one peace of mind in the fight for the right to privacy.

The other ways to go about getting CIQ off your phone is the old fashion way. Which to no surprise requires root and an application like Titanium Backup or Root Explorer. With titanium backup you can freeze or uninstall “System Manager” which will stop functionality and affect no other apps whatsoever. Moreover, if there are still problems it is possible to locate the file (which is usually found under /system/lib) and delete it, but be forewarned as this method can brick your device. Lastly, and probably the simplest method would be to flash a new ROM and kernel to the Android.  CIQ is embedded inside the kernel, so by flashing a newer kernel and/or ROM should solve the problem.

Throughout this article we examined what CIQ is, what are the risks of having it, and how to get ride of it. Overall CIQ hasn’t been found guilty of doing anything wrong yet, but with software so intrusive it’s just a matter of time. Fortunately a foundation and the development community as a whole have worked to get out of this mess. Leaving our privacy to just that, our privacy.