Look out! Your phone knows what you’re doing. It has your contacts, email messages, SMS text, pictures and video. It gets worse. Your carrier — AT&T, Sprint, T-Mobile, Verizon — has to handle some of this information. You hit “send” and then their networks pass along personal email messages to your contacts. Some of these messages also contain your photos and even, if bandwidth permits, video. Horrifying, I know. Now for the worst possible news: Carrier IQ is also, possibly, running on your phone. It was put there by the manufacturers and carriers to help improve network and handset performance, and it can see everything you’re doing. That’s right — every action. It’s watching.
It doesn’t stop there. Your computer also has software on it that
knows every keystroke, every email and photo. It’s called the operating
system, and it basically runs everything. But who knows what it’s doing
with all it knows. Sometimes, you can tell, especially when it tries to
help you. Say you’re using universal search. How does that work,
exactly? Well, it has to index everything on your hard drive and then
maintain and update a database so you can find everything matching a
keyword search. Some people install powerful system search software like
Google Desktop, which can even index chats and instant messages.
Smart systems, in other words, know pretty much everything about us.
And when our computer or phone can’t find what we need and acts, on
occasion, like it doesn’t know everything — like it can’t connect the
dots between our data and, say, our social and business connections — we
Now, what Carrier IQ is doing is, to be fair, deeper than just pure data. It’s watching, at least according to this research,
all activity on the phone: Every keystroke and action. This must be a
whole new level, right? What kind of software would look at system
activity, user actions, which applications are running?
From the moment I read about Carrier IQ’s explanation about what its software does and watched this video,
I recognized it as pretty much run-of-the-mill debugging and diagnostic
software. If you watch the video you’ll notice that while it is in fact
recording virtually all activity, it would be nearly impossible for
anyone without a programming degree to decipher it. The hieroglyphics
spit out by Carrier IQ actually reminded me of code I had seen before.
Not on an Android device or even another mobile phone, but on a PC and
from a pretty long time ago.
Back in the early days of Windows there was a diagnostic utility called Dr. Watson.
On Windows 95 and 98, you could run it to collect system activity into a
log file that, if you were savvy enough and had some of the right
decoding tools, you could use to figure out what was triggering your
system crashes. Yes, Windows users — well most in my industry, at least —
were aware of Dr. Watson. However, on Windows NT, whether you were
aware of it or not, Dr. Watson was running, watching and collecting
errors — and potentially more. There were posts online about how to
disable Dr. Watson on the OS, but it wasn’t easy. You had to dive into
No one was ever harmed by what Watson collected, and the reason most people wanted to disable it was that some thought the doctor was slowing down their PCs.
There is, of course, a big difference between good old Dr. Watson and
Carrier IQ. Dr. Watson ran, primarily, on desk-bound computers (and
early laptops). Carrier IQ runs in your pocket. You could lose your
phone and whatever Carrier IQ has collected could be on there. A
would-be thief then simply has to, well, unlock your phone, hope you
don’t remotely brick it, find the Carrier IQ log file, and then figure
out a way to read Carrier IQ-speak. On the other hand, if Carrier IQ
were removed from all phones — including yours — and a thief found one
of them, he could still access all recent emails, contacts, and texts,
view videos and photos and do a whole lot more, as long someone left the
phone unlocked. (Admit it, you don’t always lock your phone).
My point? This situation is way overblown and spiraling out of control. However, when I asked
the relatively tech savvy Google+ audience why people didn’t understand
that complex systems are always running diagnostic software, they
surprised me. Most sided with those who find the very existence of
Carrier IQ on phone troubling. Many believe that Carrier IQ is
collecting emails and SMS messages and passing them along to carriers
(Carrier IQ says it’s not). They were also concerned that there’s no way
to shut down the software or opt out.
The last point is somewhat laughable. Do a Ctrl Alt Delete on your
Windows computer sometime and look at the process tab. There are dozens
of processes running on your computer at any given time, most of them
likely unidentifiable to you. Microsoft runs some, other software and
utilities you’re running are responsible for the others. You didn’t
explicitly ask for those processes to run, but they come as part of the
system or software you’re using. You can shut any of them down, but at
the risk of harming your computer.
For carriers and handset manufacturers, Carrier IQ is very much like
one of those processes. I bet it never even occurred to them that they
should inform consumers, let alone offer a way to disable the diagnostic
Carrier IQ, though, is not blameless — and I think this whole mess
would have disappeared in a hurry if Carrier IQ had not dropped a Cease
and Desist order on researcher Trevor Eckhart, who discovered the diagnostic software,
wrote a post about it and then and documented Carrier IQ’s abilities
(virtually unstoppable, voracious tracking on an HTC Android phone) in
video. That is, at least in some people’s eyes, the act of a company
that has something to hide.
The reality is it’s an act of a company that’s not used to dealing
with the public. Carrier IQ operates in the background and only deals
directly with carriers and manufacturers. Now consumers are looking for
ways to disable Carrier IQ on their phone, as if that will in some way
improve their mobile experience or protect them from identity theft.
This is misguided and in the end, could end up hurting more than it
helps as Carrier IQ’s carrier and manufacturer customers suddenly find
themselves with far less diagnostic information and fewer avenues for
measuring service and network quality. If service quality degrades,
consumers will finally be harmed — but not by Carrier IQ.