Hacker News new | past | comments | ask | show | jobs | submit login
Carrier IQ references discovered in Apple's iOS (theverge.com)
305 points by acak on Dec 1, 2011 | hide | past | web | favorite | 85 comments



Companies love data. Every last of one of them from your local grocery store to Apple. Love it, want as much of it as possible. Heck, most of the major publicized features of iOS 5 put your data on Apple's servers (iMessage: your texts and MMS; Siri: pretty much every thing including searches, calendars, and email; iCloud: it is called iCloud).

Long and short of it is that if you want privacy beyond "I'm boring, so no one cares", a device that holds pretty much every important bit of info about you made by large corporations that is nearly always connected to the internet via carriers isn't really for you.


If you are not paying for it, you're not the customer; you're the product being sold. That's why I don't use Gmail. When I pay for cloud services (like MobileMe, now iCloud) I feel more confident that my personal information isn't analyzed, sold, and used to manipulate me. Apple doesn't need to sell my data to profit from me.

I value my privacy but I'm not Richard Stallman. I carry a cell phone, so there's a chance I'm being tracked. I like viewing web sites in a graphical web browser (not Chrome) -- it has JavaScript permanently turned on, I accept some cookies, and I find the geolocation service convenient. I understand I'm giving up some privacy by doing all that.


"If you are not paying for it, you're not the customer; you're the product being sold."

The galling potential of this story is that even though you're paying for your cell phone and service, you are potentially still the product being sold.


This trope is so tired. If not totally wrong, it's at least misleading.

http://blog.byjoemoon.com/post/9910020865/you-are-the-produc...


So to summarise his argument: google still requires happy end-users or the advertisers will be unhappy.

In other words, advertisers come first. Since advertisers don't have the same priorities as end-users, I don't find the argument very compelling.


In other words, advertisers come first.

Your summary is incorrect. Advertisers and users are mutually dependent. If the advertisers priorities clash with the users priorities, it is not at all obvious that the advertisers will win. The fact that Google mail doesn't have flashy colored intrusive ads is testament to that.


In the zoo/Jurassic park/a fish restaurant selling life lobster, visitors and animals are mutually dependent, too, but the animals _are_ the product.


Okay, by this definition, the Rolling Stones are "the product" too then.

In what way does this name help explain the relationship?


by this definition, the Rolling Stones are "the product" too then

Yeah, by what definition aren't they? Like any popular high-demand product they get to name their price.

But no gmail user is in much higher demand by google (or their advertizes) compared to any other. The generic gmail user is more like dime-a-dozen no-name bands that don't have even a whiff of the negotiating power against a label that the Stones do by virtue of being the Rolling fucking Stones.

s/gmail/whatever "you're the product" service in question/


The fans pay money and get the Rolling Stones in exchange - it's abstract (obviously you don't actually get the band members to take home with you) but nonetheless sums up the relationship quite neatly in my opinion.


But in this relationship the Rolling Stone have a lot of power and get treated excellently. I'd love to be that product!

The phrase you're the product! doesn't express anything meaningful about the relationship. Buy any magazine, you'll still get plastered with ads. In that sense you bought a product, and yet you still are a product. You still haven't discovered anything about the quality of the service.


I think it's a bit unfair to pick a band that was created in that golden age of music where the record companies didn't suck up all the money.

How about comparing a non-multimillionaire artist instead?


Just to nit-pick: record companies have always "[sucked] up all the money". I don't believe there ever was a golden age where record companies were Nice Guys and everyone was happy.


"..people only made money out of records for a very, very small time. When The Rolling Stones started out, we didn’t make any money out of records because record companies wouldn’t pay you! They didn’t pay anyone! Then, there was a small period from 1970 to 1997, where people did get paid, and they got paid very handsomely and everyone made money. But now that period has gone. So if you look at the history of recorded music from 1900 to now, there was a 25 year period where artists did very well, but the rest of the time they didn’t."

-- Mick Jagger (ref: http://news.bbc.co.uk/2/hi/entertainment/8681410.stm)


One of my favourite quotes. History is so easily ignored or forgotten.


Okay, so you say "not Chrome". You realize that Chrome is pretty completely open source and does not send browsing history back to Google?


Chromium is open source. Chrome is mostly open source. Both send a significant amount of data to either Google or your default search provider by default unless you tell them not to. I primarily use Chromium and I've been through the process of disabling all of its reporting several times - it seems to get easier over time, though following the code that might call out gets significantly more difficult.

I currently have my default search provider set to Bing because I hate searching from the navigation bar anyways and it really annoys me that there's no way to turn it off. I suppose that's the price I pay for using a browser built by a search engine.

I fondly remember the days when Michael Arrington was some corporate puke working for RealNames, a search-from-the-URL-bar concept that everyone outside of RealNames and Microsoft hated. Literally. Everyone.

Google made Mozilla profitable by paying them to be the default search engine. The moment they figured out that worked was probably the last moment browsing was safe anywhere - and the last moment being a Mozilla employee was safe as a long term goal for anyone, oddly enough.


Chrome is Chromium, the only difference is branding and dynamically linked plugins (PDF, flash) which you can disable from about:plugins or delete, then you have identical binary to chromium.

http://news.ycombinator.com/item?id=3034628

Also if you want to change any privacy settings go to preferences->Under the Hood->Privacy thats it. You don't have to change your search engine.


This is partially true.

At one point I was trying to figure out how much I would enjoy Chrome, and one test I do with my applications is to have tcpdump in the background running while I run them. Whenever I went to any site, internal, external, or whatever, Chrome phones home to specific google sites. I think the published reason has to do with faster DNS lookups, but when I looked the sites up, they seemed attached to ad-related services. I searched around and could not find any setting to disable this feature. No, "Preferences > Under the Hood > Privacy" has nothing for disabling this feature. I think this phoning home was still there for Incognito mode, but time has left my memory fuzzy on that detail; Incognito mode is useless if you want to actually use cookies to maintain some session anyway, and why should I tell google about what accounts I hold across the net?

For the wiseguy who picks up on that last comment, my preference is Firefox with NoScript, AdBlock, and a disinclination for downloading sex.exe, so no, the common tracking systems do not know much about me. However, my ISP is quite familiar with my habits.

Someone recommended to me Chromium, claiming that it was stripped of this nonsense. So I tried that. Chromium did not phone home in my tests. It also lacked a few nice features that Chrome had, as if it were at least a version behind; I cannot remember what they were, only that at that point, I was sick of the hassle and ditched both pieces of software.

If you are concerned about apps phoning home, just run tcpdump/wireshark/whatever and watch. The extra paranoid will route their connections through a box with these tools.

My tests were within two months ago, so I feel the claim is pretty relevant.


Sorry but your comment is just hand waving. Can you give a specific example of those ad related sites Google "phones" whenever you go to any site on a vanilla Chrome installation?


The mere wire traffic is insufficient to implicate Chrome because most commercial websites use some kind of tracking service which behaves this way. Try the same experiment with the tracking services reported by ghostery[1] filtered out

[1] https://chrome.google.com/webstore/detail/mlomiejdfkolichcfl...


Update: I checked my systems today and could not get it to reproduce. I do not know if that gives Google Chrome a clean bill of health, but I have no more evidence of a phone home.


I'm not sure how search in the address bar relates to RealNames. If that were attempted again, it would garner just as much hate.


Great analysis. This reply is mainly so that I can find your comment again in the future.


I pay for Google Apps, does that mean I'm in the clear?


I think that's way too cynical. Yes, that's what the manufacturers and carriers want. No, they don't "have" to get it. They don't get it in other consumer product areas.

We can roll over or we can complain and fix it. This fight is winnable and worth having.


Why do they love data? What do they use it for?


BI. Looking at the past to guide future strategies.


Does BI stand for Business Intelligence here?


Yes it does.


But a keylogger?

I can understand how information about which apps crash, where calls and messages are dropped can be valuable but beyond that?


When I upgraded to iOS5, I was asked if I wanted to help Apple by automatically sending anonymous usage data. Doesn't this sound like exactly what CarrierIQ would be doing? If this is really what it is, then this is a total non-issue on iOS.

See here (for those not on iOS5): http://www.youtube.com/watch?v=oxBsKO2lJQk#t=42s

But if this is CarrierIQ working there, then it means it's also being used in Europe. And it probably also means that the media will get in an iOS vs Android fight again instead of highlighting the issue. And FWIW, it surprises me much more that RIM would do crap like that.


Here are the result of the current investigations made by @chpwn http://blog.chpwn.com/post/13572216737

I'm an iOS user and I'm concerned by this, I know that maybe these data are not sent to any remote server or maybe it depends on the carrier, but still I'm concerned that Apple would integrate a third party binary on its system. That's plain wrong for me. I want them to tell us what their phone collect, what their phone send to remote servers and for what uses. It is a matter of trust, trust is hard to gain and easy to lose and I think that Apple should handle this asset with great care.


still I'm concerned that Apple would integrate a third party binary on its system

Really? Based on the "Legal" section of my 3rd gen iPod touch, there appears to be a bunch of third-party binaries integrated into iOS.


I didn't say third party code but third party binary. That's not the same thing, there are plenty of third party libraries used in iOS indeed. But, you must recognize that's highly unusual for Apple to bundle third party software in iOS and even more when the type of software is by nature highly risked and highly controversial such as logging/tracking softwares are.


Wy 3rd party? It might just as well be implemented by Apple currently, and using CarrierIQ as a service.


> But, you must recognize that's highly unusual for Apple to bundle third party software in iOS

Honestly, how would anyone but Apple know this?


Apple would like your help to improve the quality and performance of its products and services. Your device can automatically collect diagnostic and usage information and send it to Apple for analysis — but only with your explicit consent.

Diagnostic and usage information may include details about hardware and operating system specifications, performance statistics, and data about how you use your device and applications. None of the collected information identifies you personally. Personal data is either not logged at all or is removed from any reports before they’re sent to Apple. You can review the information by going to Settings, tapping General, tapping About and looking under Diagnostics & Usage.

If you have consented to provide Apple with this information, and you have Location Services turned on, the location of your device may also be sent to help Apple analyze wireless or cellular performance issues (for example, the strength or weakness of a cellular signal in a particular location). This diagnostic location data may include the location of your device once per day, or the location where a call ends. You may choose to turn off Location Services for Diagnostics at any time. To do so, open Settings, tap Location Services, tap System Services and turn off the Diagnostics switch.

You may also choose to turn off Diagnostics altogether. To do so, open Settings, tap General, tap About and choose “Don’t Send” under Diagnostics & Usage.  

To help Apple’s partners and third-party developers improve their apps, products and services designed for use with Apple products, Apple may provide such partners or developers with a subset of diagnostic information that is relevant to that partner’s or developer’s app, product or service, as long as the diagnostic information is aggregated or in a form that does not personally identify you.

For more information, see Apple’s Privacy Policy at www.apple.com/privacy


Sweet copy paste.


Hahah, was simply. Opt and pasted from my iPhone to show ppl ;). (I get seriously bored in work)


I wish we could get straight answers from Apple, HTC, Nokia, Samsung and others as to whether this tracking technology is located within devices they are selling, on what carriers and what is happening with the data, what is logged, where is it logged, what it shipped from the device up to remote servers, and exactly how is that data being used?


Who cares! It's time for a free/opensource firmware and operating system you can flash into the ROM of any and all phones. The phone manufacturers, the software makers and the carriers have proven hostile to consumers, there's no reason for them to be allowed to control things any more.


That's what privacy policies are for.


Perhaps now this story will get the media storm it deserves.


I'm happy to assume that iOS's Carrier IQ, er, integration is much less comprehensive than what has been put into Android handsets, and may never have been activated at all. Nonetheless I can't resist pointing at http://daringfireball.net/linked/2011/11/30/imagine-if-it-we... and muttering something about seafood stew.

UPDATE: And if Apple's Carrier IQ code is only ever activated in an opt-in diagnostics mode, then it may be in the clear completely here.


Apparently some folks on androidcentral picked it up a little more than a year ago. http://forums.androidcentral.com/sprint-optimus-s/45729-ever...


Has anyone compiled a list of devices confirmed with CIQ, confirmed not to have, unknown and suspected?


It is not device, it is device-per-carrier. If the same device models had been sold with silently acticated CarrierIQ in the EU, that would be a lot of fun for lawyers.


Just another angle to approach the problem:

I suppose one way to fight this is to develop some sort of "multiple personalities" behaviour and habits.

There's "normal A" me, who goes to work every day, using the same route, checking the same webpages on route, doing the same web searches while at work, sending the same type of messages on IM during the day, etc, etc.

Then there's another me, "normal B", with his own habits and hobbies. But normal A and normal B should not overlap in terms of devices, friends, maybe even (online) behaviour. Location is bit more difficult, especially when you're at home. Home should be associated with only one "persona".

Once you make a conscious effort it might become easier with time, and thus hiding your real "identity".

Drawbacks?... Well, sounds bit like DID (http://en.wikipedia.org/wiki/Dissociative_identity_disorder), so don't get caught accidentally :)


Alternatively you can just use this sort of mechanism to screw with them.

How many people can we get to take out some sort of loyalty card which tracks your behaviour and then use it to buy only root vegetables and lube?


Why is Carrier IQ being made the villain here? From what I understand, they provide a service which has been abused by the phone manufacturers probably in conjunction with the carriers.

Logitech makes web-cams, would you hold them responsible if you found them hidden in hotel rooms and they were put there based on request by the CIA?

Let us hold the right people responsible. That will mean Apple, HTC, Samsung, RIM etc.


It's not a proper comparison. Using your analogy, Logitech should be held more liable if the video streams from the webcams were uploaded to Logitech's server. Would you agree?


It is a proper comparison but not complete. Your server addition completes it.

I would direct my anger at the hotel who I have a contract and relationship with.


Carrier IQ has stated that the information collected is transmitted to and stored on their network. They are playing an active role in this and are not just a software publisher whose wares are being misused.


Anyone seen any specifics about CIQ on blackberry? I hear reference to it in the original Eckhart video but can not seem to find real data


Surely whatever this is tracking is covered under the contracts with the carriers. Someone must have read them...


If you're interested, you can see the data the iPhone has collected so far -- Go to Settings -> General -> About -> Diagnostics -> Diagnostic & Usage Data.


Wow. That leaves Windows Phone and Bada as the only mobile OSes where no Carrier IQ references have been found so far.


Kind of. It's not been found in the actual Android operating system, has it? Only in carrier- or manufacturer-modified versions correct?


correct, which means that the Carrier, AT&T originally made it part of its deal with Apple..


And most probably, Microsoft as well: there has been no evidence to the contrary yet.


Given that carriers are only limited to 5 apps and can't make any changes to the Windows Phone OS, I would doubt that there are any Windows Phone devices with Carrier IQ.


I thought carriers were limited to 0 apps and couldn't make changes to iOS. However, that appears to be completely incorrect. Windows Phone may be safe or it may not be. But the argument that carriers couldn't touch WP7 doesn't hold any water given what seems to be happening with iOS.


>But the argument that carriers couldn't touch WP7 doesn't hold any water given what seems to be happening with iOS.

That argument was exploded in the whole WP7 update catastrophe earlier this year. Carriers blocked the WP7 updates.


It has been confirmed by several knowledgeable people that the CIQ rootkit doesn't seem to be installed on any Nexus devices as shipped.


Or the OSes that nobody has looked at yet?


I will give he befit of the doubt to apple right now. Remeber that Steve was talking about iAd and one of the benefits was that they hated how personal data was just taken from users. And privacy was a problem in apple' link up to FacEBook which didn't happen.

If it's active - its going to leave a huge huge mark.


Will Fortune Pay losses for (non Apple) Smartphone Manufacturers for costing them sales now?

http://tech.fortune.cnn.com/2011/11/30/extremetech-carrier-i...


What i wonder is, who gets the data? Is it the carrier or Apple?


uhmm...this sound more and more like a Carnivore reloaded


Several issues with this story:

1. The reference is found in a 2 year old version of iOS.

2. "IQAgent" sounds like things Apple could name, e.g.: I've seen no evidence that this has anything to do with CarrierIQ. There's been no disassembly (unless I missed it) so it quite possibly could simply be the fact that at one point Apple used the two letters "IQ" in an obscure file.

3. People watch the data iPhones transmit pretty closely, I know I have on occasion watched iOS devices talking to the cloud. If "every keystroke, every SMS" were being logged, I'd think people would have more than just a filename to go on.

4. As mentioned it seems this file is not used outside of diagnostic mode, which makes this much ado about nothing at this point.

I think its fine to be suspicious, but these things really should be approached with some objective detachment until actual transmission of user data that shouldn't happen is uncovered.

I don't know how many of the points above apply to the "indications" in android as well, but I think we should have more neutral, unemotional, and detached coverage of it as well.

I think spying on people is bad, and I think that americans are spied on more today than ever before. I think that's also why we have to be really careful about reporting it.

Edit: Deleted a digression that pointed out that the government is including language in recent legislation that allows them to collect data about us that previously would have been illegal. This was a distraction from my main point.


The article was updated to include iOS 5 long before you made this comment, by at least 1.5 hours.

It's Carrier IQ stuff. See chpwn's frequently updating blog post at: http://blog.chpwn.com/post/13572216737


Just to make it clear to anyone that doesn't click the link; it only transmits in a diagnostics mode, which is defaulted to 'off'.


(I wrote that post.) I think that is the case: it is using the same "diagnostics are enabled?" function call that the Crash Report submission is using, and the binary logs "This is not supported hardware, or the user has opted out." and exits if that call doesn't return true.

However, there definitely could be something else going on there: I do not want to rule out any possibilities here, many people are very touchy about privacy issues like this.


You should be careful about how you word things in your posts. You tend to state working observations and theories as conclusions and then the press and armchair security experts take it as fact.

That said, you've done very good work, and made a very valuable contribution to consumers.


And it doesn't log everything, notably it doesn't log UI events and whatnot like it appears do do on Android.


2. is ruled out by some of the details in the article, such as the references to http://collector.sky.carrieriq.com .


>2. "IQAgent" sounds like things Apple could name, e.g.: I've seen no evidence that this has anything to do with CarrierIQ. There's been no disassembly (unless I missed it) so it quite possibly could simply be the fact that at one point Apple used the two letters "IQ" in an obscure file.

The fact that those files contain a reference to http://collector.sky.carrieriq.com establishes a definite link to CarrierIQ, even if it doesn't actually run and send logs.


A lot of what you said makes sense.. I don't understand why it's been down voted.


I imagine there might be other software/consulting companies in the business of stealthily collecting GB and PB's of personal data about consumers using wired and mobile networks who are thinking "Am I next?"

And I imagine some of their employees' minds might now be filling with thoughts about how to justify what they do, or to discount the need for anyone to make a big deal about what they do.

Will consumers care about what's booting when they turn on their phone, or what connections their phones are making? This will be very interesting.


proper grammar: Are we next?


It turns out the setting to disable statistics is a bit tricky to get to. On the latest version of iOS, I found it at Settings>General>About>Diagnostics & Usage.


As far as I know you are explicitly asked whether you want to enable Diagnostics & Usage when you first set up the device. (It’s one of the steps in the setup process.) I don’t know what the default setting for that is, though.


There is no default, they make you choose during setup. Location is the same.


Your comment made me look for a video of the setup process. The relevant step is at 2:40: http://vimeo.com/24789410

Turns out there is a default and it defaults to being turned off. You can immediately tap next and Diagnostics will be turned off.

Here is the exact text:

Diagnostics

Automatically Send

Don’t Send (selected option)

Help Apple improve its products and services by automatically sending anonymous diagnostic and usage data.

About Diagnostics & Usage (this is a link)

Here is the text behind the link:

Apple would like your help to improve the quality and performance of its products and services. Your device can automatically collect diagnostic and usage information and send it to Apple for analysis — but only with your explicit consent.

Diagnostic and usage information may include details about hardware and operating system specifications, performance statistics, and data about how you use your device and applications. None of the collected information identifies you personally. Personal data is either not logged at all or is removed from any reports before they’re sent to Apple. You can review the information by going to Settings, tapping General, tapping About and looking under Diagnostics & Usage.

If you have consented to provide Apple with this information, and you have Location Services turned on, the location of your device may also be sent to help Apple analyze wireless or cellular performance issues (for example, the strength or weakness of a cellular signal in a particular location). This diagnostic location data may include the location of your device once per day, or the location where a call ends. You may choose to turn off Location Services for Diagnostics at any time. To do so, open Settings, tap Location Services, tap System Services and turn off the Diagnostics switch.

You may also choose to turn off Diagnostics altogether. To do so, open Settings, tap General, tap About and choose “Don’t Send” under Diagnostics & Usage.  

To help Apple’s partners and third-party developers improve their apps, products and services designed for use with Apple products, Apple may provide such partners or developers with a subset of diagnostic information that is relevant to that partner’s or developer’s app, product or service, as long as the diagnostic information is aggregated or in a form that does not personally identify you.

For more information, see Apple’s Privacy Policy at www.apple.com/privacy




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: