STOP! Im putting this Mobile Security Infringement ignorance to rest once and for all.
‘I don’t have an anger problem, I have an idiot problem!’ This is my all-time favorite quote, and it will better set the stage for what I’m about to explain to you regarding all of this Media maelstrom going on right now. I can start by saying I’m usually not a very angry person. In fact, I almost never lose my temper, but when it comes to a topic that is surrounded by pure ignorance, I have to loosen my pressure valve a bit. I’m going to start by making a very honest statement here. We have become a country that is guided by ‘the light.’ In this instance, the Media is our light, and sadly, more of us believe what we are told, rather than what we want to educate ourselves on.
If you turn on CNN, NBC, FOX, or any other major news station for that matter, you’re going to be bombarded with the Edward Snowden situation that has become a global hot topic. The United States’ number one enemy is a man who informed the public that the government has been spying on them through their cell phones. I’m leaving Edward Snowden’s focus right here in this paragraph because he’s a blip in the radar to me. I honestly can’t believe this information is being portrayed the way it is in the media. Here’s the way I look at it. The government was caught doing something that DOES invade our privacy, and it was knowingly done without our knowledge (shocking). Instead of the media really focusing on that, they are focusing on the person who made this information public, ergo, we are yet again caught in a media storm of the whole country freaking out over complicated and ricocheted information that they are all just now being made aware of. I want to highlight something specific I just said here: we are yet again caught in a Media storm of the whole country freaking out over complicated and ricocheted information that they are all just now being made aware of. Hold on to your hats because your mind is about to be blown!
When I first saw this on the news, I was at the gym walking on the treadmill, and as I noticed the person on the elliptical in front of me shaking his head in what appeared to be utter disgust at what he was seeing (probably because he was a Verizon customer), I unfortunately laughed a little bit under my breath because this news to me was old…very old.Anyone remember the name Trevor Eckhart? You know, the guy who exposed a little program installed on both Android and iOS called CIQ? You’ve never heard of him? Well good; let’s start his introduction. Trevor Eckhart, better known as TrevE on Xda-Developers, is a Systems Administrator from Connecticut who discovered what is considered the ‘Rootkit of all evil.’ Trevor discovered a hidden application that runs in the background of about every smart phone. This application was created by a software company by the name of Carrier IQ. This company developed an application to be used by carriers and manufacturers to send data logged by your phone to whomever utilized it, so that they could provide a better experience. Pretty boring right? It gets better. Of course every system in some way or another will have data logging. We’ve all seen the infamous ‘Would you like to send an error report’ while using a computer. While this seems harmless on a computer (which in theory it is), CIQ has a very dark secret that Trevor discovered. For those who know anything on the workings of Android, you know you can go to your Settings and view Application information. In that list of viewed Apps, you can swipe over to ‘Running Applications.’ This shows every process on your phone that is currently running. When you click any of these Apps, you are presented with the option to Force Close it, ultimately killing the entire process. That is of course unless that application is CIQ. Trevor’s discovery of CIQ showed that not only does CIQ peek its head out right in plain sight, it also is completely invisible at the same time. On one of Trevor’s videos showing this exploit, he shows that on a Factory Reset HTC phone, he is asked during setup, and during multiple first-time application launches, if he agrees to the terms and conditions of using that app. Also if that application has permissions to use his location to collect data. All of that right there should just be self-explanatory. At one point or another, you’re signing your life away unknowingly when using your phone. So many think, ‘Oh who cares if they see where I’m at?’ Well, another thing Trevor shows in his video is that the phone in use is in Airplane mode, meaning there is no data connection to secretly enable anything. While his phone is plugged into his computer, from what looks like ADB Shell, he shows that the CIQ logging confirms every single action, keystroke, process, time, location, and everything else possible that the phone does, and it does all of this in such detail that it took a System Admin like Eckhart to break it down for us. Who cares about your location when you have every website you visit, every picture you send, every text you type, every game you play, and even phone calls you audibly make, are all stored in a server for an unknown Administrator to review at any given time? Oh, but that’s safe, right? This company just wants to help carriers like Sprint and At&t, and manufacturers like Samsung and HTC know ‘what errors occur’ and ‘how it can help make your experience a better one.’ You may have just said to yourself, ‘I’m safe! I’m running Anti-virus on my Smart Phone!’ Doesn’t matter how good of a program you found on the Play Store that claims to protect you from Viruses and the bad juju hidden in apps, CIQ is of the highest caliber programming possible when it comes to Android and iOS, and it would take someone of that same caliber to explore it, block it, or even remove it all together. When it comes to this process, Apple point blank admits to using it, and HTC and Samsung followed suit; all carriers in some way or form use CIQ or a program like it. So as you can see with all of this information above, Eckhart didn’t just share information with the public, he flat out unraveled it.
How does this apply to current affairs in the Media? Well, in 2011, after publicly publishing his findings about CIQ and its spying capabilities, Eckhart was sent a Cease and Desist notice. To top that off, he and Xda-Developers were also threatened with a lawsuit because they permitted this information to be posted on a public forum. Thankfully with the EFF (Electronic Frontier Foundation) at his immediate aid, he was informed from day one that he was protected under the First Amendment. He, by no means, performed any illegal action to exploit the information regarding CIQ, he actually downloaded every bit of available information from their public website for his research (yep…research..from their own site). After an iron-clad letter back at Carrier IQ from both the EFF and Eckhart that pretty much told the company to take their lawsuit and shove it up their you know what, Carrier IQ went silent, that is until a new CEO publicly brought its company and what its intended purpose is to light. This is my full personal opinion regarding Eckhart’s findings, but he pulled the covers off of something in the attic that was put there to be forgotten for a reason. Because of this though, we now have ways to instantly see if this process is running on our phones. Apple has since announced it was getting rid of CIQ on some devices as of iOS 5, and only collects data that is agreed upon by the user (which sadly is about everything done on most Apple and Android devices). Verizon publicly claimed during the light of the Edward Snowden investigation that it does not use CIQ. There is zero assurance in this, of course, since they admitted to tracking user information anyway.
Ignorance is bliss folks, and we only understand issues as fully as we educate ourselves about them. Mobile Security Infringement isn’t new news; in fact, this information was only shared with those in the development world back in 2011. Trevor Eckhart wasn’t prosecuted or chased around the world for his discovery, nor was he worried about publishing his findings. His story never got attention in the public eye, and the severity of CIQ’s infringement on personal security was shrugged off and then it faded along with the rest of the story. For some reason though, two years following these events, and almost with identical scenarios, Edward Snowden’s actions have made him a superstar for the media, and the government is now being questioned about its spying intentions using mobile technology. It’s all a little silly to me because everyone is suddenly worried about something that has been going on for years. I hope this article helps you understand that your phone is a computer. It’?s as safe as you make it. It’s connected to the internet, and even when not connected, it has the ability to log every action you make which will then be sent once data connection is established. I highly encourage you to use careful judgment and common sense regarding the ‘prompts’ on your phone. If you download an App, look at the App info in your settings and see what permissions it has once installed. If the hottest game on the Play Store has permissions to see your Contact information, Record Audio, Change system settings, etc. then you should probably assume you are sacrificing some level of privacy to use it.
So stay smart everyone! Enjoy your phones, and as stated many times before, don’t let the Media scare you about your privacy. There is always someone watching us, and for whatever reason that may be, we just have to hope their intentions aren’t for anything other than what they tell us.
By: Chris Raines
Source: SkyNet Solutions