# Our phones are spying on us, again



## tekhna (Aug 9, 2011)

http://gizmodo.com/5863849/your-android-phone-is-secretly-recording-everything-you-do

Gah. This is just totally insane. A keystroke logger running at the deepest level of your phone. This is far worse, by the looks of it, than the HTCLogger.apk garbage a couple months ago.


----------



## Mattes (Sep 2, 2011)

Not again, it's always been there in every android phone, blackberry, Nokias most likely Windows phones and if you've ever owned an iPhone well, Apple knows where you eat, sleep and go poop. (But thats not CIQ) and even if a phone doesn't have CIQ its got something else.

It's almost come to a sad modern reality, I've personally come to accept that, even though it violates everything I believe in primarily the side of me that believes the Bill of Rights should be held to the utmost standards ( I'm currently studying law) and tbh this tears the 4th amendment to shreds. NOT in the functionality or that its being done but how the data is used, or to be more accurate, how it can be used or hell, where and how it is kept at least violates some sort of laws or regulations I'm sure.

To add to this;

there is a boundary in the digital age between growth/privacy that has always been shaky and now it seems to thin more and more


----------



## Athorax (Jul 20, 2011)

How does this have anything to do with the fourth amendment? This isn't politicians that want our information, its market researchers. Those market firms just happen to also pay for politicians...


----------



## Mattes (Sep 2, 2011)

smh, Go read the 4th amendment and then imagine that you went to court and the prosecutor/detective got a hold of CIQ info.

Which, at this moment in time is possible, but he would need a warrant of course making it not violate anything and it would be perfectly legal
So hell, it doesn't even have to violate anything its jacked up that its there.


----------



## Mattes (Sep 2, 2011)

My point is that the fact this information is there and is being collected has implications beyond just "oh noes i the big bad carriers,manufacturers and whoever else has my data!" the major implementations is who gets the data other than them. Whether it be an ad agency or a some sort of law enforcement.

I admit, personally if I was a detective CIQ would be my best friend, considering that law enforcement and carriers already have a 'friendly' relationship


----------



## JBirdVegas (Jun 11, 2011)

Consider yourselves protected if you use from source custom firmware like CyanogenMod... once again the community already has a fix for a problem the public just realized they had.

No this isn't a new problem. Just newly doccumented. We all knew this was an issue, it shows in logcat for every button press, no one bothered to look and see what that service did, that one is everyone fault.

Fixes?
1. Use from source firmware
2. turn off htc checkin props in the /system/build.prop by adding
ro.config.nocheckin=1
ro.config.htc.nocheckin=1
/* note about modding build.prop this affects google checkin and htc checkin but won't stop "Carrier IQ" to stop it download a sense based rom and remove the apk (on you computer in the zip) BEFORE flashing the rom */

Not to advertise, but turning off this property is a part of my app PropModder in my signature under > Check in sercive


----------



## sk3litor (Oct 3, 2011)

Its all a moot point anyway cuz if you think for one second that any part of your life is private...well, cmon people. Our phones are just another way. If someone wants your info they're gonna get it


----------



## bL33d (Jun 23, 2011)

is this in custom roms like bamf? or cyanogen?


----------



## B3L13V3 (Jul 11, 2011)

bL33d said:


> is this in custom roms like bamf? or cyanogen?


Wow you seriously couldn't read 7 posts? That is sad...anyway some posts above your own answer your question.


----------



## JBirdVegas (Jun 11, 2011)

sk3litor said:


> is this in custom roms like bamf? or cyanogen?


These tracking packages are not in CyanogenMod; they do include a stat tracker that sends the build.id from the build.prop to track how many CyanogenMod users they have but lots of devs exclude this package to reduce rom size

Sent from my DROID2 using Tapatalk


----------



## bL33d (Jun 23, 2011)

B3L13V3 said:


> Wow you seriously couldn't read 7 posts? That is sad...anyway some posts above your own answer your question.


I asked about bamf I see no one stating bamf info.

Now stfu thanks.


----------



## poetzmij (Aug 21, 2011)

bL33d said:


> I asked about bamf I see no one stating bamf info.
> 
> Now stfu thanks.


Well i can't read the link because it isn't working on the app but if its in the kernel then using someones kernel like imoseyon should be fine, if it is a rom based deal its probably not in bamf, I dont know if carrier IQ is or not though, If it is remove It from the rom then flash it. And your all good. If your really worried bout it then yea just hop on cm7 or any aosp should be good


----------



## JBirdVegas (Jun 11, 2011)

poetzmij said:


> Well i can't read the link because it isn't working on the app but if its in the kernel then using someones kernel like imoseyon should be fine, if it is a rom based deal its probably not in bamf, I dont know if carrier IQ is or not though, If it is remove It from the rom then flash it. And your all good. If your really worried bout it then yea just hop on cm7 or any aosp should be good


I have no experience with bamf but if they build off aosp or cm then no it isn't in there. As far as it being in the kernel I don't think so, here is my reasoning. The kernel source used is required by law to be released but the rom and apps are not required to be open source and if tracking had been added to the kernel it would be in the git logs (easy for someone to find) and open source to the world you are spying

...no I think this is something OEMs have had in their bag of goodies for a while and it just now coming to the public eye leads me to think it could only be in the closed source side of the equation.


----------



## poetzmij (Aug 21, 2011)

JBirdVegas said:


> I have no experience with bamf but if they build off aosp or cm then no it isn't in there. As far as it being in the kernel I don't think so, here is my reasoning. The kernel source used is required by law to be released but the rom and apps are not required to be open source and if tracking had been added to the kernel it would be in the git logs (easy for someone to find) and open source to the world you are spying
> 
> ...no I think this is something OEMs have had in their bag of goodies for a while and it just now coming to the public eye leads me to think it could only be in the closed source side of the equation.


I was thinking the same, honestly people get upset about this and they have all the right to be because in ways it does violate a few things but idc anymore honestly I've probably been tracked so many times in so many ways I can't even imagine.


----------



## TCM (Jul 24, 2011)

Verizon supposedly claims that they do not use CIQ, I don't know how truthful that is, hopefully someone else can chime in on this.


----------



## Mattes (Sep 2, 2011)

In response to that I do not believe CIQ is on the thunderbolts stock gb update and its not in the kernel source , but that's on face value I haven't gone to deep into it as honestly idc, even if I think its wrong.

Edit;
To end all posts or topics made by people worried about this, atleast in the thunderbolt forums pleas check out the list Gizmodo started of non "infected" devices and as a credible source I believe they have something to backup every device on the list.

http://m.gizmodo.com/5864116/these-are-the-phones-were-pretty-sure-dont-have-carrier-iq?utm_medium=referral&utm_source=pulsenews


----------



## mkjellgren (Jun 18, 2011)

bL33d said:


> I asked about bamf I see no one stating bamf info.
> 
> Now stfu thanks.


Its all sense roms. Just like the htcloggers.apk. cm and all other aosp roms are exempt because they do not include manufacturer software. This isn't hard stuff to figure out. No need to be rude and tell the guy to stfu.

On a side note, I have pretty much given up on this whole invasion of privacy thing. These types of loggers are almost never attached to any real personal info. Our devices are given a device ID that is used to identify devices within HTC and other manufacturers. So yes, they are logging data, but no, they do not necessarily know who that device belongs to, nor do they (most likely) care. Anyone take the time to think that the keystroke logging has to do with HTC trying to improve their predictive text on their keyboard...


----------



## gmogoody (Jul 21, 2011)

I know some do not care but It was found on every version of the IPHONE except it can supposedly be disabled

http://www.theatlanticwire.com/business/2011/12/yes-even-iphones-can-spy-you-too/45606/


----------



## zer071 (Jul 21, 2011)

I believe verizon just came out and said that software is not on any of there phones.


----------



## Mattes (Sep 2, 2011)

The version on the iPhone does not collect data in the same capacity of the version found on some android devices(I say this because due to new evidence it seems the minority in this situation are devices that have CIQ) and it is disabled by default and w/o turning it on does nothing.


----------



## gmogoody (Jul 21, 2011)

zer071 said:


> I believe verizon just came out and said that software is not on any of there phones.


That is starting to be confirmed by some of the tech blogs.

http://gizmodo.com/5864116/these-are-the-phones-were-pretty-sure-dont-have-carrier-iq?utm_medium=referral&utm_source=pulsenews


----------



## Mattes (Sep 2, 2011)

Nobody reads the full thread before posting do they ......


----------



## gmogoody (Jul 21, 2011)

Vulpe said:


> Nobody reads the full thread before posting do they ......


actually I do and I was re-posting the link as response to zeros comment.


----------



## Mattes (Sep 2, 2011)

I was trying to be an tushy, but I apologize anyway because I did not know your intentions.


----------



## gmogoody (Jul 21, 2011)

Vulpe said:


> I was trying to be an tushy, but I apologize anyway because I did not know your intentions.


I apologize as well for resorting to name calling. Really should have known better. Moved from XDA a long time ago, but sometimes people's intentions are unclear, and I jump into defense mode.


----------



## miketoasty (Jun 10, 2011)

idkwhothatis123 said:


> Mod edit Forum Rules


First off let me respond to the end of your post, according to TrevE this software is built deep into the phone, to the point where it is basically impossible to remove, and the only out is to use a ROM built from source (CM, OMFGB, etc). No build.prop edit can change this.

Now to your "Why should you care part", let me start off with, how could you not care?! These people can see texts you are sending, what websites you visit, etc., which actually isn't that bad as you said I am sure these items are tossed aside as "Irrelevant data" but two things stick out to me, first off CIQ stores all information you put into the web in PLAIN TEXT! If you don't know what that means it is basically a notepad document. Now I am sure they don't care but do you know how many hackers would kill for this stuff? You check your bank site, or maybe buy something on your phone and your information is stored again in PLAIN TEXT! Even HTTPs sites are stored in plain text, that is just ridiculous! All we need is 1 rogue app that finds a way to extract this information and your credit score is toast. Second on this little debate, the information taken can be used against you in a court of law, and more importantly it is against the law/constitution. You may not care, but the longer we let this go, the more intrusive it's going to get, 1984 may become a reality... Okay maybe that is pushing it a little but it could get a lot more ugly.

Also, just because Verizon doesn't put CIQ on their phones doesn't mean that they don't have something similar they implement themselves (I have heard some pretty bad things about the VZW app). Just be safe and use a AOSP ROM.


----------



## Mattes (Sep 2, 2011)

Mike, I can't thank you for that post enough. Much better worded then mine


----------



## victor014 (Nov 28, 2011)

nbd i used TrevE's app to remove htc logging from my phone: http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110
u have to donate to remove it but u can still see the logs if u didnt donate


----------



## JBirdVegas (Jun 11, 2011)

He required a donation to remove the #CLI spy ware app that's not awsome


----------



## gmogoody (Jul 21, 2011)

Response from CIQ

http://www.wired.com/threatlevel/2011/12/carrier-iq-data-vacuum/all/1


----------



## victor014 (Nov 28, 2011)

JBirdVegas said:


> He required a donation to remove the #CLI spy ware app that's not awsome


there's a way to get it free


----------



## miketoasty (Jun 10, 2011)

Verizon phones don't have CIQ on them just fyi to everyone. Would link the countless articles but I am on my phone.


----------



## defcon888 (Sep 28, 2011)

miketoasty said:


> Verizon phones don't have CIQ on them just fyi to everyone. Would link the countless articles but I am on my phone.


http://www.theverge.com/2011/12/1/2602532/verizon-carrier-iq-denial


----------



## victor014 (Nov 28, 2011)

ya but htc phones have htc log (or whatever its called) which is even worse


----------



## Mattes (Sep 2, 2011)

No, it's not even close to CIQ, htc loggers aren't in the kernel and can't be programed to send out every key you press


----------



## sk3litor (Oct 3, 2011)

Funny just clickd on this thread and in the background I hear on the TV "our phones tracking every move and how to stop it". Well see what she has to say. Lol


----------



## victor014 (Nov 28, 2011)

Vulpe said:


> No, it's not even close to CIQ, htc loggers aren't in the kernel and can't be programed to send out every key you press


i thought htc log was the one that could track every keypress


----------



## Mattes (Sep 2, 2011)

Nope you got it backwards


----------



## victor014 (Nov 28, 2011)

Vulpe said:


> Nope you got it backwards


oh :/


----------



## miketoasty (Jun 10, 2011)

victor014 said:


> i thought htc log was the one that could track every keypress


Also, all you have to do is remove the HTCLoggers.apk and it is gone for good. It is not hidden like CIQ is.


----------

