Carrier IQ, the company that develops controversial software found in many smartphones, has released a lengthy document that attempts to explain "what Carrier IQ does and does not do."
In the report, titled "Understanding Carrier IQ Technology," the company provides details of the Carrier IQ software ("IQ Agent") and how it is deployed, how it is loaded on mobile devices, what information is available to Mobile Network Operators from devices, how data from mobile devices may be used by Carrier IQ's customers and how consumer data is protected through this process.
Carrier IQ claims that its software has been designed to provide Network Operators with feedback about the quality of their network service and how devices on their network are performing: data on when and where calls fail; where customers have problems accessing the network; the reliability and battery performance of their make and model of device; and the interaction of the mobile network with a mobile device, known as network signaling traffic.
The diagnostic information from the phone (hardware serial number and the subscriber serial number) can also be used to assist individual users who are experiencing problems with their device or with the network, the company said.
The Carrier IQ software installed on the mobile device is called the IQ Agent. In typical deployments, the IQ Agent uploads diagnostic data once per day, at a time when the device is not being used. This upload, which averages about 200 kilobytes, contains a summary of network and device performance since the last upload, typically 24 hours.
The frequency and type of information uploaded are defined by the Network Operator in what is called a profile.
Each profile will contain the following information:
1) Whether information should be collected in anonymous mode or with the hardware serial number and the subscriber serial number (e.g. IMEI & IMSI)
2) The frequency of metrics uploads and instructions on what to do if the user is roaming or not on the network
3) The specific metrics from which to gather data
4) Instructions for pre-processing of metrics to create summary information
Carrier IQ also commented on a number of critical allegations and questions that have been raised over the past weeks.
In Trevor Eckhart's video, an Android-based HTC device is shown writing location, keylog and SMS information to an Android log file in clear (human readable) text.
"We cannot comment on all handset manufacturer implementations of Android," Carrier IQ said. "Our investigation of Trevor Eckhart's video indicates that location, key presses, SMS and other information appears in log files as a result of debug messages from pre-production handset manufacturer software. Specifically it appears that the handset manufacturer software's debug capabilities remained switched on in devices sold to consumers," the company added.
Various parties in the industry, including security consultants such as Dan Rosenberg, have recommended that handset manufacturers switch off debug messages containing personal information to prevent them being written into log files. In addition, Carrier IQ said that it has been working with handset manufacturers and Network Operators to suggest changes to the certification process for new devices to prevent similar problems from occurring again.
Carrier IQ said that it had also discovered an "unintended" bug in a diagnostic profile to measure radio-network-to-mobile device signaling. This diagnostic profile is used to gather network conditions during voice calls to determine why they fail.
"Carrier IQ has discovered that, due to this bug, in some unique circumstances, such as when a user receives an SMS during a call, or during a simultaneous data session, SMS messages may have unintentionally been included in the layer 3 signaling traffic that is collected by the IQ Agent. These messages were encoded and embedded in layer 3 signaling traffic and are not human readable. Carrier IQ does not decode or process any SMS messages that may have been embedded in the layer 3 signaling traffic collected in these instances."
"For Network Operators to view the specific content of SMS messages, Carrier IQ would need to write additional software, which has never been done. No multi-media messages (MMS), email, web, applications, photos, voice or video (or any content using the IP protocol) has been captured as a result of this profile bug, as only SMS traffic is embedded in layer 3 signaling messages to deliver SMSs to/from devices."
Carrier IQ said that it had worked with its customers to fix the bug and ensure that this information is no longer captured.
Regarding phone number records, Carrier IQ says that Network Operators do record phone numbers as a consequence of generating billing records. Also, in the process of gathering metrics on the performance of these calls, the IQ Agent will record the same phone numbers dialed and received for the purpose of diagnosing and maintaining their networks.
"If selected through the profile, this functionality allows a Network Operator to understand both ends of a problem," the company said.
The embedded version of IQ Agent metrics also allows for the collection of URLs if requested in a profile. These can be collected together with performance metrics so that Network Operators can measure consumer experience for specific web sites. Carrier IQ claims that the IQ Agent cannot read or copy the content of a website.
Carrier IQ added that metrics gathered by the IQ Agent are held in a secure temporary location on the device in a form that cannot be read without specifically designed tools and are never in human-readable format.
The length of time this information is held on the device before upload is based on the profile but is typically 24 hours.
Regarding the collection of keystrokes and SMS as seen in Trevor Eckhart's video, Carrier IQ said that "what was shown in the video demonstrated keystrokes and SMS being written to Android log files, not stored or transmitted by the IQ Agent."
Last but not least, Carrier IQ talked about the Mobile Service Intelligence Platform, a wireless analytics platform that enables its Network Operator customers to define and manage the information they receive from the devices and network. The tool Carrier IQ uses for diagnosing network issues is called IQ Insight and provides details on the location of events such as dropped calls or no service areas. A network technician can drill down from a map view to understand exactly what happened at the time of a failure and use this information to fix issues.
"The location of Carrier IQ MSIP servers varies," Carrier IQ said. However, "Carrier IQ have no rights to the data that is gathered into the MSIP system for any Carrier IQ customer."
Carrier IQ's complete article is available here.