© redOrbit

A smartphone security researcher said he has found hidden software in Android, Nokia and BlackBerry smartphones that secretly tracks their users' activities.

Trevor Eckhart said he has uncovered a piece of spyware that tracks the phone's location even if the user disables location services. The software also logs every keystroke, ignores the "Force stop" button, and Eckhart said it is impossible to remove.

Carrier IQ, the California company behind the software, defended it as a diagnostic tool for mobile network operators.

"Our software is designed to help mobile network providers diagnose critical issues that lead to problems such as dropped calls and battery drain," Carrier IQ said in a press statement. It denied the software logged keystrokes or tracked smartphone users.

"While we look at many aspects of a device's performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools. The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools," it said.

"The information gathered by Carrier IQ is done so for the exclusive use of that customer, and Carrier IQ does not sell personal subscriber information to third parties. The information derived from devices is encrypted and secured within our customer's network or in our audited and customer-approved facilities," Carrier IQ explained in the statement.

However, Eckhart's 17-minute video showed that Carrier IQ's software, buried deep inside an Android-powered smartphone, recorded every button pressed, his search queries, his text messages, and even his location.

He typed a text message of "Hello World!" only to have it instantly appear in a Carrier IQ application log on the Android phone.

"The Carrier IQ application is receiving not only HTTP strings directly from the browser, but also HTTPS strings," he said. "HTTPS data is the only thing protecting much of the 'secure' Internet. Queries of what you search, HTTPS plain text login strings (yuck, but yes), even exact details of objects on page are shown in the JS/CSS/GIF files above - and can be seen going into the Carrier IQ application."

Eckhart said the software was tricky to find on the device and couldn't be turned off, as he demonstrated in his video. He called Carrier IQ's software a "rootkit," spying on unsuspecting users.

Carrier IQ had tried to silence Eckhart with a cease-and-desist letter threatening to sue him, but backed down once lawyers from the Electronic Frontier Foundation (EFF) took up his defense.

"Mr. Eckhart's legitimate and truthful research is sheltered by both the fair use doctrine and the First Amendment," EFF senior staff attorney Marcia Hofmann wrote in a response to the Carrier IQ letter.

Carrier IQ issued a letter on November 23, apologizing to Eckhart, and trying to make clear what its software does: "Our software makes your phone work better by identifying dropped calls and poor service. Our software identifies problems that impede a phone's battery life. Our software makes customer service quicker, more accurate, and more efficient. Our software helps quickly identify trending problems to help mobile networks prevent them from becoming more widespread."

"The company claims the software is designed to help mobile phone carriers to improve their service quality by measuring where calls drop, what applications are causing performance issues and which handsets may have problems on their networks," said Chester Wisniewski of Sophos.

"This may be true, but the inability to opt out or remove the software without informing the user is extremely concerning. Combine that with all of the sensitive information the software is designed to intercept and it raises far more questions about how this software is being used," he added.