Chpwn has discovered that Carrier IQ, the 'rootkit' or 'keylogger' that has been found on Android, BlackBerry, and Symbian phones, is also on iOS. Carrier IQ has been making headlines recently after 25-year-old Trevor Eckhart of Connecticut posted a video that showed CarrierIQ logging text messages, phone calls, encrypted web searches, and more.
Up through and including iOS 5, Apple has included a copy of Carrier IQ on the iPhone. However, it does appears to be disabled along with diagnostics enabled on iOS 5; older versions may send back information in more cases. Because of that, if you want to disable Carrier IQ on your iOS 5 device, turning off "Diagnostics and Usage" in Settings appears to be enough.
While the version of Carrier IQ appears to be different than the version installed on Android, Carrier IQ does access some key areas on iOS:
● CoreTelephony
- your phone number
- your carrier
- your country
- active phone calls (However, I only saw it noting that a phone call was active, not what number was dialed or it was received from. But, I am not going to claim it doesn't do that: it's certainly possible, but didn't see it.)
● CoreLocation
- your location (Only, however, if Location Services are enabled.)
● (Possibly more I haven't yet found.)
On iOS, Carrier IQ does not appear to access the UI layer and thus should not have access to text entry, web history, passwords, browser history, or text messages.
For those interested, Windows Phone 7 appears to be the only OS without Carrier IQ installed. Chpwn says he's fine with this information being sent off to improve carrier's reliability; however, he "would definitely prefer if it was more transparent."
Read More
Up through and including iOS 5, Apple has included a copy of Carrier IQ on the iPhone. However, it does appears to be disabled along with diagnostics enabled on iOS 5; older versions may send back information in more cases. Because of that, if you want to disable Carrier IQ on your iOS 5 device, turning off "Diagnostics and Usage" in Settings appears to be enough.
While the version of Carrier IQ appears to be different than the version installed on Android, Carrier IQ does access some key areas on iOS:
● CoreTelephony
- your phone number
- your carrier
- your country
- active phone calls (However, I only saw it noting that a phone call was active, not what number was dialed or it was received from. But, I am not going to claim it doesn't do that: it's certainly possible, but didn't see it.)
● CoreLocation
- your location (Only, however, if Location Services are enabled.)
● (Possibly more I haven't yet found.)
On iOS, Carrier IQ does not appear to access the UI layer and thus should not have access to text entry, web history, passwords, browser history, or text messages.
For those interested, Windows Phone 7 appears to be the only OS without Carrier IQ installed. Chpwn says he's fine with this information being sent off to improve carrier's reliability; however, he "would definitely prefer if it was more transparent."
Read More