It seems (at this point) that there is 'speculation' that in addition to Android having the Carrier IQ spyware service installed at the root level, there maybe the same software installed on Blackberry devices too. I hope not or I'm going back to smoke signals!

Carrier IQ (spyware?) is on Blackberry's too?! - BlackBerry Forums at CrackBerry.com (http://forums.crackberry.com/general-discussion-f2/carrier-iq-spyware-blackberrys-too-674331/)

I'm glad you posted this - you beat me to it!

This is becoming big news.
Your Smartphone Is Spying on You - Yahoo! News (http://news.yahoo.com/smartphone-spying-204933867.html)

The Android developer's video showing the keylogging on an Android device was posted on Gizmodo yesterday.
Your Android Phone Is Secretly Recording Everything You Do (http://gizmodo.com/5863849/your-android-phone-is-secretly-recording-everything-you-do)

It seems some folks have been aware of Carrier IQ for some time now, but I hadn't heard of it until yesterday. The company, of course, denies the spyware:
http://www.carrieriq.com/Media_Alert_User_Experience_Matters_11_16_11.pdf

But they jumped on the researcher who published this and threatened him with a C&D letter, article here:
https://www.eff.org/deeplinks/2011/11/carrieriq-censor-research-baseless-legal-threat
Letter here, PDF:
https://www.eff.org/sites/default/files/eckhart_cease_desist_demand_redacted.pdf
That kind of response from the company makes them look more suspicous, IMO.

And the EFF sent strong letter to Carrier IQ and they have backed down some, PDF.
https://www.eff.org/sites/default/files/eckhart_c%26d_response.pdf

I have't seen anything that demonstrates or confirms Carrier IQ has been found on BlackBerrys however.

There is likely gong to be a lot of backlash over this, so stay tuned.

Yeah, this one's out of hand. This beats the whole location tracking issues they were complaining about with the iPhone. Actually, they referenced Android, Blackberry, and Nokia in the article but here's one that points out iOS (or iPhone) devices containing the IQAgent under the /usr/bin folders.

Carrier IQ code spotted in iOS (http://www.intomobile.com/2011/11/30/carrier-iq-code-spotted-ios/)

This will really make the paranoids crazy!

I realize this isn't proof but the article below implies a BB device has been seen with it or some variant.

How much of your phone is yours? (http://www.geek.com/articles/mobile/how-much-of-your-phone-is-yours-20111115/)

Right now, it is difficult to see just how many phones have a variant of CarrierIQ on them, or how they are being used. Test applications have been found for Blackberry, specifically the 9530, and the Nokia n97-1 and Series 60 devices as well, though those phones are a little more difficult to go browsing around to see how the apps are being used. Nowhere on any of these devices are you, the user, shown or given control over what information is being collected, nor do you have the ability to opt-out anywhere.

Quick, everyone put a tin-foil case on your smartphone.

This explains the Black Helicopters.

These Are the Phones We're Pretty Sure Don't Have Carrier IQ (http://gizmodo.com/5864116/these-are-the-phones-were-pretty-sure-dont-have-carrier-iq)

Turns out a lot more phones that we originally thought are infected with Carrier IQ, the nothing-you-can-do-about-it rootkit that has all the tinfoil hat people crowing. But not all! Here's a list of the phones that have had hard denials from their manufacturer or carrier or have been found to be clean.

All Verizon phones
All Nokia handsets
All Windows Phones
All Vodafone Phones
All O2 Phones
Google Nexus phones (Google Nexus One, Nexus S, Galaxy Nexus)
Original Xoom

Verizon denies Carrier IQ is on any of its phones | The Verge (http://www.theverge.com/2011/12/1/2602532/verizon-carrier-iq-denial)

OK, so Verizon claims that they don't have Carrier IQ on their phones but this is not to say that they don't have something else under a different name that does the same thing. This is an ongoing cat and mouse game with this whole privacy issue.
:razz:

Paranoia will destroya

Verizon denies Carrier IQ is on any of its phones | The Verge (http://www.theverge.com/2011/12/1/2602532/verizon-carrier-iq-denial)

OK, so Verizon claims that they don't have Carrier IQ on their phones but this is not to say that they don't have something else under a different name that does the same thing. This is an ongoing cat and mouse game with this whole privacy issue.
:razz:
Sprint says it 'uses Carrier IQ to help maintain our network performance' | The Verge (http://www.theverge.com/2011/12/1/2603391/sprint-says-it-uses-carrier-iq-to-help-maintain-our-network)

RIM has given a statement that Carrier IQ is not on their phones, never has been, and is not authorized to be installed by carriers. Beyond that, as more info comes out, it seems that this "issue" isn't so much an issue at all. Are there any phones left that do have Carrier IQ installed without the user's knowledge?

Does this mean that Preroll can come in off the ledge?

OK, I don't get why some folks are making light of this and essentially making fun of people for being concerned. Privacy a legitimate issue and certainly warrants people being concerned. Frankly I worry more about people who aren't concerned. Whether or not you have anything to hide has no bearing on this -when people say they have nothing to hide that tells me they really don't undersand the implications of being tracked without their knowledge and consent.

Being concerned is not the same as being paranoid.

RIM has given a statement that Carrier IQ is not on their phones, never has been, and is not authorized to be installed by carriers. Beyond that, as more info comes out, it seems that this "issue" isn't so much an issue at all. Are there any phones left that do have Carrier IQ installed without the user's knowledge?

Lots of Android devics and iOS devices apparently.

RIM has given a statement that Carrier IQ is not on their phones, never has been, and is not authorized to be installed by carriers. Beyond that, as more info comes out, it seems that this "issue" isn't so much an issue at all. Are there any phones left that do have Carrier IQ installed without the user's knowledge?

Technolog - AT&T, Sprint, T-Mobile use Carrier IQ, but don't collect personal info (http://technolog.msnbc.msn.com/_news/2011/12/01/9143034-att-sprint-t-mobile-use-carrier-iq-but-dont-collect-personal-info)

Three of the nation's four largest wireless carriers xxx8212; AT&T, Sprint and T-Mobile xxx8212; say they use Carrier IQ's controversial key-logging software, say they do not use it to monitor subscribers' activities. The Carrier IQ program is an analytical tool, strictly to "improve wireless network and service performance," not to track users' personal data, said AT&T.

I agree with Daphne. This isn't, for me at least, about paranoia. Many will say "if you have nothing to hide then there isn't anything to worry about". It's not that there is something to hide but there is something that is personal and private(contacts, passwords) which I do not want to share.

OK, I don't get why some folks are making light of this and essentially making fun of people for being concerned.

I'm not trying to make light of the situation, but I get this feeling that it's not as wide-spread as the initial public reaction suggested. As more details emerge, fewer handsets seem to be "infected" with this junk.

Lots of Android devics and iOS devices apparently.

I saw that Apple made a comment that iOS5 does not fully support Carrier IQ and future versions will not support it at all. Interesting that it was there in the first place, however.

I agree with Daphne. This isn't, for me at least, about paranoia. Many will say "if you have nothing to hide then there isn't anything to worry about". It's not that there is something to hide but there is something that is personal and private(contacts, passwords) which I do not want to share.

I can definitely see the issue, and would love to hear Carrier IQ explain how capturing keystrokes helps the carriers maintain their network.

I believe it is overblown, fed off of breathless media reports about how this is installed and invading the privacy of billions of mobile device users.

And each day, more and more carriers and device manufacturers say they aren't using it. So the threat to the billions gets much smaller.

Privacy is a huge problem. You cars are being tracked by camera, nothing wireless is as safe as we'd like.

My opinion (and I am entitled to it): Get over it. You have no privacy if you use any electronic equipment with a transmitting radio, or credit cards, or drive a car (or use an EZPass or some other RFID-type payment device).

The sky isn't falling. It fell a long time ago.

Actually it is a matter of principal. No one has the right to monitor you unless there is a court order.

Wrong on so many levels.

I just read the cease and desist letter that Suzi linked above

https://www.eff.org/sites/default/files/eckhart_cease_desist_demand_redacted.pdf

Freaking hilarious.

Actually it is a matter of principal. No one has the right to monitor you unless there is a court order.

Exactly, particularly not without your knowledge *and* consent.

One of the problems is that many of us are conditioned that being monitored is just how things are... and in many respects that's true. That that doesn't make it ok or right. So much monitoring is passive and opt out that we forget about it. Even things like store cards, there's a big database in the sky where all of our purchases made with store cards, credit cards, ATM/debit cards are stored. Websites too.

Anyone remember a once notorious female who had her Amazon purchase history supboenaed by prosecutor Kenneth Starr? :razz:

I think part of the big reaction to the news about Carrier IQ is because the American people are rightfully getting fed up with being surreptitiously monitored. And because it was mostly previously unknown, hidden, and there was no way to turn if off. It reminds me of the Sony rootkit debaucle.

Mobile spyware is becoming a scourge like computer spyware was 10 years ago. Gator or 1800Solutions anyone? People got sick of that and the FTC eventually cracked down on them, and folks are becoming sick of mobile monitoring now.

I don't disagree with NJB's statement that the sky fell long ago, but that doesn't make it ok or right, or mean that we should be passive about it. Reading that CIQ is not as pervasive as initially thought is good news, but it doesn't change the fact that it's wrong on many levels as Ian said.

I just read the cease and desist letter that Suzi linked above

https://www.eff.org/sites/default/files/eckhart_cease_desist_demand_redacted.pdf

Freaking hilarious.

Yep, and that response makes the company look all the more guilty.

Now T-Mobile says they install Carrier IQ on several BlackBerry models and other devices.
List Of Currently Sold T-Mobile Devices With Carrier IQ Software (http://www.tmonews.com/2011/12/list-of-currently-sold-tmobile-devices-with-carrier-iq-software-preinstalled/)

Actually it is a matter of principal. No one has the right to monitor you unless there is a court order.

Not wanting to keep the paranoia going, Just so everyone is very clear, the requirement to collect, hold and make available all email, all text, all incoming and out going calls is something the carriers are doing. Unless you have something to hide it generally means nothing to the average user. I do agree with daphne, it is a matter of privacy. None of which we have anymore.
also the Tmobile post stating they do not use Carrier IQ to track text and other email information is correct, they have other methods for this.

Now T-Mobile says they install Carrier IQ on several BlackBerry models and other devices.
List Of Currently Sold T-Mobile Devices With Carrier IQ Software (http://www.tmonews.com/2011/12/list-of-currently-sold-tmobile-devices-with-carrier-iq-software-preinstalled/)

FYI for those who don't already know, the CIQ software is apparently in the My Account app (see the internal T-Mobile document posted at the tmonews link Daphne posted). So, if you didn't download and install the app (the icon on your BlackBerry out of the box is just a download link) then you don't have the My Account app installed; or you can deny it permissions; or, if you have installed it, you can delete the My Account app.
Posted via BlackBerryForums.com Mobile

Unless you have something to hide it generally means nothing to the average user.

I disagree, it records every keystroke made on the device. So if you enter your credit card information, passwords, account numbers, etc. It is recording those. Even if you have nothing to hide, this information should not be recorded or tracked in any way.

That's right. The video showed it recording keystrokes on https. Even if the carrier isn't using that information, there's still the possiblity they could use it or it could be subpoened.

And unless I totally failed to understand how it works, one of the greatest selling points of the BB solution for enterprise customers is this secure channel between the BB phone and the BES.
Going like "uhh, by the way, there's this little app sitting in between that's logging everything you type in" is not likely to sound nice to the ears of big corps.

I disagree, it records every keystroke made on the device. So if you enter your credit card information, passwords, account numbers, etc. It is recording those. Even if you have nothing to hide, this information should not be recorded or tracked in any way.

Thank you!

In addition to Carrier IQ's DB, it's something that could also be subjected to MITM (Man-In-The Middle) Attacks. People sued for invasion of privacy years ago. If people don't push back at some point, this crap is only going to get worse.

I understand NJBlackberry's comment on being tracked by almost everything electronic these days but there needs to be some resistance by the users to prevent this from getting worse. This information can lead to company theft (from stolen emails) and even identity theft. I personally don't think we can just say this sux and forget about it.

Anyway, just my two cents...

This was the best line of the article (IMHO):

Carrier IQ has said its software is not designed to capture keystrokes or the content of messages, but in some cases that may have happened by accident.

Feds probing Carrier IQ - The Washington Post (http://www.washingtonpost.com/business/economy/feds-probing-carrier-iq/2011/12/14/gIQA9nCEuO_story.html)

Sprint: Carrier IQ has been disabled on our devices (http://www.mobileburn.com/17957/news/sprint-carrier-iq-has-been-disabled-on-our-devices)

So now we have denials, confirms, maybe's and definitely not's We need a few somewhat's.

The latest update to all this:

Carrier IQ takeaway: You don't control your phone - Dec. 28, 2011 (http://money.cnn.com/2011/12/28/technology/carrier_iq/index.htm?hpt=hp_t3)

I found this part of the article to be somewhat interesting however:

Carrier IQ and a security consultant, Dan Rosenberg of Virtual Security Research, determined that HTC had turned on a debug logger that should have been left off by default. As a result, the Carrier IQ app was temporarily storing everything a user did on the phone. The software maker said it is working with HTC to fix the issue.

Sprint is removing Carrier IQ. I received an update to my Evo 3D last night and I checked for CIQ and it is no longer there.

HTC And Sprint Working On Software Updates That Remove Carrier IQ | TechCrunch (http://techcrunch.com/2012/01/17/htc-and-sprint-working-on-software-updates-that-remove-carrier-iq/)

House Wants Cell Phone Owners Warned of Tracking Software

Markey Releases Discussion Draft of Mobile Device Privacy Act in Wake of Carrier IQ Software Concerns | Congressman Ed Markey, Massachusetts 7th District (http://markey.house.gov/press-release/markey-releases-discussion-draft-mobile-device-privacy-act-wake-carrier-iq-software)