What is Carrier IQ?
Carrier IQ is diagnostic software that comes pre-installed on some mobile devices. Mobile network operators use information gathered on your location and call activity to improve network coverage and reduce instances of dropped calls. Recently there has been a large amount of press coverage over the perceived privacy and security violations posed by Carrier IQ software. At Lookout, it is our belief that much of this coverage has been overstated. While there are a number of real privacy issues at play, based on our understanding Carrier IQ is not malware nor has malicious intent. We do believe that companies big and small should always take a transparent approach when it comes to data they are collecting from people.
What information is or isn't collected?
Based on credible reports, it appears that Carrier IQ has the ability to report the following information:
- The sequence of dialer buttons to determine phone call destination
- GPS location information, in some situations
- The URLs visited from your mobile browser
From our current understanding, CarrierIQ does not appear to have the ability to record SMS messages, email content, or the contents of web pages you've visited. In addition, Carrier IQ cannot record arbitrary keystrokes (or buttons you press) from your mobile device.
Why is Carrier IQ getting so much attention?
The biggest issue for most users is that they do not know whether they have Carrier IQ on their mobile device. In addition, there is no clear opt-out path available for those users who do have Carrier IQ installed and would prefer not to have it on their device.
Can I remove Carrier IQ from my phone?
Because Carrier IQ software is deeply integrated with the built-in firmware on the mobile device, users would have to get special device privileges (also known as ‘root’ privileges) in order to remove it. Side effects of this process have the potential to put users at further risk of malware infection, while making devices ineligible to receive firmware updates in the future. If you are sure you know what you are doing and would like to remove Carrier IQ software from your phone, there are a number of guides available online.
Book a personalized, no-pressure demo today to learn:
Discover how adversaries use non-traditional methods for phishing on iOS/Android, see real-world examples of threats, and learn how an integrated security platform safeguards your organization.
