Friday, December 23, 2011

How to help the EFF find out the truth behind Carrier IQ

Just because Carrier IQ says that it doesn't track keystrokes or a lot of other information, do we have to believe them? The answer is no, and the Electronic Frontier Foundation aims to find out for itself what Carrier IQ monitored from your smartphones.

The EFF is asking for help, your help.

As part of Carrier IQ's software, there is a configuration file called a "Profile" that controls exactly what information is sent from the phone to a carrier or other Carrier IQ client. The EFF has reverse engineered the file format and has written a program for parsing it. Now, it wants to get its hands on as many Profiles as possible, to "catalog" exactly what Carrier IQ has been monitoring.

The EFF asks that if you have a rooted or jailbroken phone, and can find a Profile on it, that you send them 1) a copy of the Profile, 2) which phone and network it on, and 3) where in the phone's file system you found it (as it may be in different locations on different phones).

In general, the device will need to be rooted or jailbroken to get to the part of the file system that will house a Profile. There's a thread over at XDA Developers where methods to find Profile files are discussed.

Buy WoW Gold
Searching --- and finding --- these profile files won't be easy. Those that do so are probably in the developer or hacker community, and are willing to take time out to do this. Despite what Carrier IQ and its partners say, it's better to get the actual data from those we truly trust: ourselves, and not a corporation.

Wouldn't you agree?

No comments: