In computer jargon a rootkit
is defined as
a set of software tools that allows someone to access a computer system without being detected
is -according to Wikipedia- a privately-owned mobile software company, which specializes in
providing mobile analytics services for smartphones to the Wireless industry
The company maintains formal business affiliations with Nielsen Company, NEC, and HTC Corporation. They also claim their software is deployed in over 150 million devices worldwide.
is a systems administrator with interests on HTC smartphones.
The Electronic Frontier Foundation
(EFF) is an international non-profit digital rights advocacy and legal organization based in the United States.
Mr Eckhart has released on youtube a video where he describes the operation of a rootkit he discovered on his HTC/Android based smartphone. This software -written by Carrier IQ, appears to be a key-logger, for as he demonstrated it tracks every keystroke the user makes. This includes everything from dial-up numbers, to SMSs, even the Web pages he visited including those which were supposed to be encrypted through HTTPS. The later is the protocol employed for example on financial transactions committed through the use of a credit card. Of equal importance is that the user cannot deactivate this 'service'. According to the Time magazine, Carrier IQ calls what it does 'mobile service intelligence'.
Once Mr Eckhart's video was uploaded on youtube, Carrier IQ threatened him with legal action via a cease and desist letter. However following EFF's backing to Mr Eckhart, Carrier IQ backed down and apologized for the attempt.
Although Echkart demonstrated that data acquired are transmitted to Carrier IQ -as usual at the owner's expense, I presume
-, the company responded with the statement 'The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools'.
Following the publicity around the issue, US Senator Al Franken asked Carrier IQ for an explanation of its practices. As for me, I cannot think of a better way to describe this other than the lyrics of an old song:
every breath you take, every move you make, every bond you break, every step you take
I'll be watching you
every single day, every word you say, every game you play, every night you stay
I'll be watching you
About Carrier IQ: Wikipedia at http://en.wikipedia.org/wiki/Carrier_IQ
Trevor Eckhart's home page: http://trevoreckhart.com/
Mr Eckhart's video on HTC/Android: http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/carrieriq-part2/
The Huffington Post first report: http://www.huffingtonpost.com/2011/11/30/carrier-iq-trevor-eckhart_n_1120727.html
The Huffington Post additional report (which I have found to be rather interesting): http://www.huffingtonpost.com/2011/12/01/carrier-iq-iphone-android-blackberry_n_1123575.html?ref=technology
It also seems it has caught the attention of the Beeb: http://www.bbc.co.uk/news/technology-15982225
ciao mates, I 'll be watching you...