Back to top

Carrier IQ protests its innocence over 'rootkit'

Carrier IQ has broken its silence on its monitoring software - dubbed a 'rootkit' by the Android developer who uncovered the system - and explained that while it monitors keystrokes, it doesn't record them.

According to an updated statement, the company - which shot to infamy when it threatened developer Trevor Eckhart with a $150,000 lawsuit for exposing its software to public scrutiny - does indeed monitor all keystrokes on selected devices, but only for legitimate purposes.

"While a few individuals have identified that there is a great deal of information available to the Carrier IQ software inside the handset, our software does not record, store or transmit the contents of SMS messages, email, photographs, audio or video," the company's statement reads. "For example, we understand whether an SMS was sent accurately, but do not record or transmit the content of the SMS. We know which applications are draining your battery, but do not capture the screen.

"Carrier IQ is aware of various commentators alleging Carrier IQ has violated wiretap laws," the company adds, "and we vigorously disagree with these assertions."

In an interview with AllThingsD, the company claimed that Eckhart's discovery of keystroke monitoring capabilities was entirely innocent: rather than recording everything the user does, the keystroke monitoring system simply looks for a code phrase which triggers the uploading of diagnostic information when the user is instructed to type it in by their mobile provider.

Carrier IQ's belated explanation hasn't stopped companies queuing up to distance themselves from the company: Google has confirmed via email that it "does not have an affiliation with Carrier IQ"; Apple has claimed that "we stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update"; Microsoft has declared that Carrier IQ is not present in any Windows Phone devices, and BlackBerry Maker Research In Motion has stated that it "does not pre-install the Carrier IQ app on BlackBerry smartphones or authorise its carrier partners to install the Carrier IQ app before sales or distribution."

The companies have good reason to get as far away from Carrier IQ as possible: despite its protestations of innocence, the company has been targeted by Senator Al Franken - chairman of the subcommittee on privacy technology and the law in the US Congress - with an open letter demanding a full and frank explanation of the company's activities.

Tags: carrier iq, security, smartphone, rootkit, insecurity