HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
If you own an Android phone, you really need to watch this video. It is a bit boring to watch but trust me, it is worth watching.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Android Phones Log Everything You Do
- Thread starter HardOCP News
- Start date
Equally important is that it does not indicate whether or not the data is actually sent anywhere. The author seems a bit unclear as to how logcat works. For example when talking about the HTTPS stuff he says it is supposed to be encrypted. However, the logs he points out would happen *before* it hits the network stack. Also, any site that puts your username or password as a GET parameter is absolutely doing it wrong, encryption or not.
With that said, fuck CarrierIQ, and fuck HTC (and other OEMs) for logging all this junk in the first place. Even if it isn't sent anywhere and is just local to the phone's logcat, that still makes logcat nearly useless, which sucks for developers. Also logcat is open to 3rd party apps to sniff, so personal information should never end up there anyway.
- Joined
- Jun 27, 2001
- Messages
- 15,805
I have an HTC android phone (Tmo G2) with the stock firmware, does not have CIQ on it?
Negative Decibel
2[H]4U
- Joined
- Dec 13, 2005
- Messages
- 3,588
oh my. this could be really bad. As I am smart enough not to have a smart phone, can anyone else confirm this?
iAgree.
Jabroni31169
My Future Son-in-Law
- Joined
- Apr 19, 2000
- Messages
- 10,333
Yea, the HTTPS part irked me a good bit, I think he is really confused on how the OSI model works and were CIQ is pulling the info from.
I'm sure some dev somewhere thought it would be a great idea to log everything for god only knows...
TheWeazmeister
<a href=http://www.blogcdn.com/www.parentdish.com/
- Joined
- Jul 16, 2010
- Messages
- 3,346
http://infectedrom.com/content.php/154-HTCs-User-Behavior-Logging
Yeah, it's confirmed and has been for a while.
Jabroni31169
My Future Son-in-Law
- Joined
- Apr 19, 2000
- Messages
- 10,333
But we already know apple does this. Hell, suri pumps everything you tell it up to the cloud.
Nothing that installing a custom ROM can't remove. CarrierIQ is also on samsung phones. It also eats up a lot of cpu processing power and battery life. After installing a custom ROM (Legendary ROM for Epic 4g), my battery life has increased dramatically. It lasts 3 times as long now on a single charge (I'm at 75% cpu with 17+ hours on battery)
timtheenchantor
Gawd
- Joined
- Jun 17, 2005
- Messages
- 962
This will get a lot of attention, this is very disturbing. I am rooted. I use an EVO. I use a custom ROM. But most people I know do not, and that is messed up.
Valshistixol
[H]ard|Gawd
- Joined
- Mar 25, 2011
- Messages
- 1,809
Pretty fucked up, but I run custom roms from day 1 so I don't care.
lilbabycat
2[H]4U
- Joined
- Jun 21, 2011
- Messages
- 3,810
Sure, both droid and ios do it... but with droid, I'm a few clicks, touches, memory card swaps, and a restart away from whatever the hell I want on my phone. Such as CM7.
Slighty off topic:
My good 'ole Nook color went from a slow e-book reader to a snazzy $200 android tablet a full year before Kindle Fire was even announced. Sure, it can't do *everything* the new ones can, but I can watch movies (porn), look at pics (porn), surf the web on wifi (porn) and play most of the popular brainless games just as well as the others.
Slighty off topic:
My good 'ole Nook color went from a slow e-book reader to a snazzy $200 android tablet a full year before Kindle Fire was even announced. Sure, it can't do *everything* the new ones can, but I can watch movies (porn), look at pics (porn), surf the web on wifi (porn) and play most of the popular brainless games just as well as the others.
carlbme
[H]ard|Gawd
- Joined
- Aug 17, 2001
- Messages
- 1,257
Title is a bit misleading. It's also on BlackBerry phones, and Nokia phones as well. Some have stated it is on the iPhone too, but I haven't see anything factual on that. The main reason the Android is getting pointed out so much is the developer who discovered it happens to be a Android dev.
according to a quick google, there are 10 million galaxy s alone.
who gives a shit if it logs a button press? how would anyone go through the billions of lines to get anything? sms history? i send at least 1000 a month. 1000 x 10 million? yeah, im not overly worried.
who gives a shit if it logs a button press? how would anyone go through the billions of lines to get anything? sms history? i send at least 1000 a month. 1000 x 10 million? yeah, im not overly worried.
Metrocall
Gawd
- Joined
- Mar 4, 2008
- Messages
- 952
This just proves that apple sucks, WHEN WILL THEY LEARN.
copperiodide
n00b
- Joined
- Oct 30, 2011
- Messages
- 9
Data is not as hard to mine as you imagine.
With SSL, the URLs requested are never encrypted, it's the post information that's encrypted. The URL variables are passed to the web server in plain text, event for "secure" sites.
Otherwise, this is seriously disturbing and in Canada would constitute illegal wiretapping (I don't know about US laws). This is extremely worrying, it made me check out my own phone (HTC HD7) for this sort of dangerous malware.
Otherwise, this is seriously disturbing and in Canada would constitute illegal wiretapping (I don't know about US laws). This is extremely worrying, it made me check out my own phone (HTC HD7) for this sort of dangerous malware.
LOL. The US government doesn't give a shit about our privacy. Privacy is an illusion here.
You know. For freedom. It's what happens when you have a credulous populous in constant fear of those scary brown people with funny names willing to piss away their rights to feel "safe" and have cheap deals on twinkies at wal mart.
Yay.
GET OFF MY LAWN!
Viper87227
Fully [H]
- Joined
- Jun 2, 2004
- Messages
- 18,017
To my knowledge, Sprint is the largest offender for having CIQ in their devices. This is just one of the many reasons I root my phone as soon as I get it.
GotNoRice
[H]F Junkie
- Joined
- Jul 11, 2001
- Messages
- 12,002
The mistake is making the assumption anyone cares what most people do with their phones.
Fact is, people just aren't as important as they would like to think they are.
Fact is, people just aren't as important as they would like to think they are.
Did anyone actually watch the video?
It does not matter if you are rooted. It does not matter if you can not see this in the OS. This program is not specific to Android. This program is rooted and has its own access. It works without a mobile connection.
Read more:
http://www.wired.com/threatlevel/2011/11/secret-software-logging-video/
Forbes is picking this up. This is the real deal.
Fixed that for you.
TheWeazmeister
<a href=http://www.blogcdn.com/www.parentdish.com/
- Joined
- Jul 16, 2010
- Messages
- 3,346
Hence the link I posted. The guys/gals at synergy believe they have it isolated and disabled.
poee
Limp Gawd
- Joined
- Nov 15, 2005
- Messages
- 257
I just love how CarrierIQ (the company) threatened this guy with a huge lawsuit if he didn't shut up about their rootkit. Then the EFF steps in and CarrierIQ backs off their threats. Yes! Bring it on, wiretapping fuckers! You thought you could just scare this guy away? I ♥ the Electronic Frontier Foundation.
TheWeazmeister
<a href=http://www.blogcdn.com/www.parentdish.com/
- Joined
- Jul 16, 2010
- Messages
- 3,346
No doubt, one of the best donations one can make imo