Printed from

Carrier IQ: any logging is the fault of HTC, other makers

updated 11:50 pm EST, Sat December 3, 2011

Carrier IQ puts attention back on phone firms

Carrier IQ followed up its technical discussion of how its system works with an implication that phone designers like HTC were compromising the security of its device tracking. In a chat with The Verge, marketing VP Andrew Coward was careful not to mention HTC by name but gave strong clues that a standard Android log file containing the normally unsaved information had to have been populated by HTC with the tracking data. HTC's software in this view was making copies of whatever the Carrier IQ programming interface saw.

The executive reiterated that the tracking only sits in RAM and is protected. It should only be viewable with Carrier IQ's own software. An app with strong permissions could read the standard log file, but this was an issue with Android, not Carrier IQ.

A worst-case exposure of the files would still leave data no more than a week old, Coward said. He had previously elaborated on this by mentioning that the tracking information was uploaded as sparingly once a week and included the last 24 hours of data up to that upload, making any week-old data itself just a small piece of the device's history.

HTC hasn't responded to the more direct accusation, but it has already said it was considering letting users opt out of tracking entirely. Other Android phone creators like Samsung have yet to fully take a stance. Apple, Nokia, and RIM have all said that they either stopped an already-limited use of Carrier IQ or never used it.

The core software is now generally thought to be benign and captures only anonymous carrier data, using any checks on keystrokes for short codes in voice or messaging. With carrier-badged Android phones not giving users a choice on whether they use Carrier IQ, however, it creates potentially very large security risks if the data escapes and hackers can assume that some phones are always vulnerable.

By Electronista Staff


  1. aussiearn

    Fresh-Faced Recruit

    Joined: Jan 2011



    So the worst case is the https data, which is suppose to be secure end to end, which Carrier IQ shows in plain text is only vulnerable for one week. Well I don't know about any one else but I sure feel better knowing that!!! Yes I am being sarcastic for those who are part of the literal-net!

  1. SockRolid

    Forum Regular

    Joined: Jan 2010


    "Blame the carriers, not us!"

    Carrier IQ is evidently quite the bunch of chickensh!ts. "Hey, we just write the software. Don't blame us if anybody out there actually uses it to collect data. Bad carriers! Bad carriers!"

  1. kavok

    Fresh-Faced Recruit

    Joined: May 2010



    Now the finger pointing begins. It was them not us! No it was the company, not the carriers. I hold them ALL responsible. It's the only way to find out what's really going on.

  1. The Vicar

    Junior Member

    Joined: Jul 2009


    Yeah, sure.

    "But, your honor, I only mixed up the nitroglycerine, put it into the case, designed and built the detonator, and gave it to someone else to deliver. How can you hold me responsible for the bombing?"

  1. climacs

    Mac Enthusiast

    Joined: Sep 2001


    @The Vicar

    well, by the logic of the gun lobby... bombs don't kill people, people kill people.

    Carrier IQ is simply following the NRA's example. They wrote the code, it's not their responsibility as far as what people do with it.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Neurio Intelligent Home Monitor

The recently released Neurio Intelligent Home Monitor is a piece of hardware that, when integrated into a home's breaker box, monitors ...

Apple 13-inch MacBook Pro (Early 2015)

Although the new darling of the Apple MacBook line up is the all-new MacBook, Apple has given its popular 13-inch MacBook Pro with Ret ...

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill the ...



Most Commented


Popular News