A piece of software tracks passwords, message content and even location

Dec 1, 2011 13:05 GMT  ·  By

Trevor Eckhart, a researcher that not long ago publicly announced that a company called Carrier IQ installed tracking software in most smartphone, now came forward with a video that actually proves his findings.

The video shows that Carrier IQ tracks every key stroke, including passwords, text message contents, web browsing addresses and even the user’s location.

After at first the company threatened him with a lawsuit if he didn’t take back everything he said, Carrier IQ had a change of heart and apologized to Eckhart. The decision came after the EFF intervened to say that what the researcher did is well within the boundaries of the copyright law, accusing Carrier of the fact that they’re trying to stop others from testing the theory, reports The Verge.

On November 16, Carrier IQ came forward with a statement claiming that the software they install “is used by customers as a mission critical tool to improve the quality of the network, understand device issues and ultimately improve the user experience.”

When the proof of concept video was released two days ago, everyone feared that most of the smartphones would encapsulate such software, but Android devices were the main suspect.

Yesterday, the famous iPhone hacker Chpwn came forward to state that even iOS operating systems contain references to Carrier IQ servers. Fortunately, he later determined that even though the software is present in all versions of iOS, it doesn’t send any information as long as a setting called DiagnosticsAllowed is off.

Since initially Eckhart claimed that even Nokia and BlackBerry devices contained the so-called tracking software, Nokia quickly jumped to clean its name, stating that none of their devices has ever contained Carrier’s services.

By taking a look at Google’s latest developments, the Nexus One, Nexus S, Galaxy Nexus and the original Xoom tablet, it was determined that the software is actually installed by carriers and OEMs since it didn’t come directly with the Android operating system.

However, Verizon came forward to remind everyone that they clearly stated right from the beginning of the scandal, when no one gave it much attention, that none of their devices contains the software provided by the now-controversial company.

Even though many vendors were quick to clean their names from the malicious application, it still leaves a lot of carriers and a lot of devices infected with the piece of software that allegedly monitors our every key stroke.

An advertisement on the organization’s website claims that 141 million phones come preinstalled with the software and according to Gizmodo, unless you’re a highly skilled hacker, there’s not much you can do about it since except for Apple devices, there are no ways of disabling it.