AT&T, Sprint confirm use of Carrier IQ rootkit software on cellphones

Verizon, RIM, and Nokia insist their cellphones don't use the monitoring software

Amid what's snowballing into a major privacy controversy, AT&T, Sprint, HTC, and Samsung today confirmed that their mobile phones integrate a controversial piece of tracking software from a company called Carrier IQ.

Both wireless carriers AT&T and Sprint insisted that the software is being used solely to improve wireless network performance, while phone makers HTC and Samsung said they were integrating the software into their cellphones only because their carrier customers were asking for it.


Meanwhile, several large carriers and cellphone makers -- including Verizon Wireless, Research in Motion, and Nokia -- distanced themselves from the software and insisted that reports about their devices integrating the tool are false. Apple also said it has stopped using the Carrier IQ software, never collected personal data, and would remove the last vestiges in an update.

The controversy began last week when independent security researcher Trevor Eckhart published a report disclosing how Carrier IQ's software could be used by carriers and device makers to conduct surreptitious and highly intrusive tracking of Android and other smartphone users.

Eckhart described the software as a hard-to-detect and equally hard-to-remove rootkit that could be used by carriers and phone makers to collect almost any kind of data from a mobile phone without the user's knowledge. Eckhart said his research showed that Carrier IQ's software was often enabled to run by default on several mobile devices including those from Samsung, HTC, and RIM.

A lot of the information collected by Carrier IQ is designed to enable mobile operators and device vendors to quickly identify and address quality and service-related issues. But the software can be tweaked to gather more intrusive data about a user's location, the software and applications on the device, which keys are being pressed, and what applications are in use, Eckhart said in his analysis.

Earlier this week, Eckhart posted a video clip on YouTube showing how Carrier IQ's software recorded all of the keystrokes he made on his cellphone, even when the phone was reset to factory settings and put into airplane safe mode, at which time it was no longer part of the carrier's network. In his research, Eckhart said that phone carriers could program the software to send user data whenever certain triggers or actions were completed.

Carrier IQ maintains that its software does not do all of the things claimed by Eckhart. In a PDF statement posted on its website on Nov. 23, the company claimed that its software does not record keystrokes, provide tracking tools, inspect the content on a phone, or provide any real-time data reporting to its customers. "Our software is designed to help mobile network providers diagnose critical issues that lead to problems such as dropped calls and battery drain," the statement said. The company also said its software is installed on more than 150 million devices worldwide.

Carrier IQ initially threatened to sue Eckhart for publishing the research and tried to force him to withdraw his findings. The company quickly withdrew the threat and its CEO personally apologized to Eckhart after the privacy rights group the Electronic Frontier Foundation rallied behind Eckhart and said the company's threats were baseless and a violation of the researcher's right to free speech.

After Eckhart's video was posted, an iPhone hacker known as chpwn posted a blog note saying that Carrier IQ is present on the iPhone "up through and including iOS 5. ... However, it does appear to be disabled along with diagnostics enabled on iOS 5; older versions may send back information in more cases," the blog post said. Unlike the other devices, iPhone users can disable Carrier IQ relatively easily by turning off the "Diagnostics and Usage" function in the Settings app, he said.

AT&T and Sprint, two of the largest U.S. wireless carriers, confirmed that their cellphones use the software but only for legitimate service and quality-related purposes. Mark Siegel, executive director of media relations at AT&T, however, declined to say whether Carrier IQ is present in all AT&T cellphones, what notice users have of its presence, and whether users have the ability to turn off the software if they choose. In an emailed statement, Siegel said that AT&T's use of Carrier IQ software is in line with the company's privacy policies. "We're really not going to offer more detail than what's in the statement," he said.

Sprint, meanwhile, offered a more detailed explanation of its use of the software. Spokeswoman Stephanie Vinge-Walsh said Sprint uses Carrier IQ's data to understand device performance issues and to identify problems sooner. "We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc., using this tool," she said. "The information collected is not sold and we don't provide a direct feed of this data to anyone outside of Sprint." She added that Sprint's privacy policy makes it clear that the company collects device information, including how it is being used.

Verizon Wireless, Nokia, and Research in Motion issued categorical denials to Computerworld that their products include Carrier IQ software.

"Reports about Verizon using Carrier IQ are false," Verizon spokeswoman Debi Lewis said. "Verizon Wireless does not add Carrier IQ to our phones, and the reports we have seen about Verizon using Carrier IQ are false," she said.

In a similar statement, RIM denied that it installed the software on its BlackBerry devices. "RIM does not pre-install the CarrierIQ app on BlackBerry smartphones or authorize its carrier partners to install the CarrierIQ app before sales or distribution," the company said in a statement. "RIM also did not develop or commission the development of the CarrierIQ application, and has no involvement in the testing, promotion, or distribution of the app," the statement said.

Nokia spokesman Keith Novak also denied that the cellphone maker integrates the software into its cellphones and said that reports suggesting the contrary are incorrect.

In a statement, Android maker HTC said that Carrier IQ is required on its devices by a "number of U.S. carriers." The company did not say whether the carriers are asking for the software to be integrated into both its Android and its Windows Phone OS devices. "It is important to note that HTC is not a customer or partner of Carrier IQ and does not receive data from the application, the company, or carriers that partner with Carrier IQ," the company said. The statement added that HTC is looking at ways to give consumers a way to opt out of data collection by the Carrier IQ application.

A Samsung spokeswoman said the company integrates Carrier IQ into its products at the request of carriers. It did not specify which of its cellphones carries the software.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

This story, "AT&T, Sprint confirm use of Carrier IQ rootkit software on cellphones" was originally published by Computerworld.

Copyright © 2011 IDG Communications, Inc.
