Subject: Re: [NYLXS - HANGOUT] [conspire] Lessons from CarrierIQ
|From owner-hangout-outgoing-at-mrbrklyn.com Sat Dec 3 18:16:24 2011
Date: Sat, 3 Dec 2011 18:16:55 -0500
To: hangout-at-mrbrklyn.com, hangout-at-nylxs.com
Thanks for passing this along.
On 12/3/11, Ruben Safir wrote:
> As per Rick Moen:
> Let's say you want to send something with a bit of security against
> snooping, across the Internet. In broad terms, you tend to send it
> across either an SSH tunnel or an SSL-wrapped http connection -- or some
> close equivalent. In any such cases, your theory is that you can pretty
> well trust the security of that crypto-wrapped transport method, you
> have at least conditional trust in the security of the machine at the
> far end, and of course you trust the gadget you're typing on, because
> it's yours and it's right in front of you. Why wouldn't you trust it?
> I mean, it's your computer, designed for you.
> Metaphorically, such a connection is like a bridge, in that it's sturdy
> and reliable if the bridge span is sound, if it has a sound footing on
> the near end, and if it has a sound footing on the far end. If you're
> in San Francisco, have a look at the massive SF anchorages of the Bay
> and Golden Gate Bridges, on Rincon Hill and the Presidio near Fort Point,
> respectively. They're extremely solid. They have to be.
> One fine day, you get one of those marvelous Android-based smartphones
> through your cellular telco. It probably comes with an ssh client and
> https capability. If not, off to Android Marketplace, and you're set:
> You can now communicate across the Internet in privacy, because your
> cellular works for you.
> Well, guess what?
> Android developer Trevor Eckhart was on the trail of a weird hidden
> software process on his Sprint-issued HTC EVO 3D, which runs Sprint's
> load of Android 2.3.4 Gingerbread. It seemed as if 'Carrier IQ',
> professing to be an Android component, might be sending back a
> tremendous amount of detailed 'user behavior logging' data to the
> CarrierIQ company. This, mind you, was not a user add-on but rather
> something that arrived built right into the Sprint build of Android.
> Eckhart discussed it with other developers, and they did the obvious
> thing of asking HTC and Sprint: 'Excuse us, but is detailed personal
> data including full session data getting shipped without our being asked
> to Carrier IQ?' Oh no, of course not.
> Eckhart investigated, and found that the truth was otherwise, and in
> fact worse -- and meticulously documented the fact that the Carrier IQ
> process was logging and reporting _everything_, including all user
> keystrokes. Picture that SSL or SSH session. Yes, the span is
> gloriously strong, but it turns out that your security footing (your
> smartphone's local security) is mud and sand. Hey, bridge collapse!
> Except with corporate disinformation.
> And lawyers. Carrier IQ's response to Eckhart's blog-posting expose was
> to attempt to muzzle him with a legal threat on copyright violation,
> because Eckhart mirrored as documentation for his analysis Carrier IQ
> technical manuals available at http://dis1.water.carrieriq.com/ until
> Carrier IQ heard about the work of Eckhart and his fellow developers and
> suddenly became shy about documentation, and also threatened him with
> (probably) unspecified tort actions over 'false allegations' -- probably
> Eckhart talked to EFF, who cited 17 U.S.C. 107 and the Campbell v.
> Acuff-Rose Music case, and also NY Times v. Sullivan and Hustler v.
> Falwell to Carrier IQ so they could understand the concepts
> of fair use, the truth defence, and 'public figure':
> Carrier IQ stopped threatening Eckhart (but I haven't read that they
> ever apologised or ever formally withdrew their threat), but
> claim to this day they weren't recording user keystrokes -- pointlessly,
> because they were and are, and Eckhart proved it past dispute.
> Oh, wait, they issued a classic passive-aggressive non-apology apology
> We are deeply sorry for any concern or trouble that our letter may
> have caused Mr. Eckhart [...]
> Oh, we haven't done anything wrong, but we're devastated that Mr.
> Eckhart got upset just because we threatened him with bullshit legal
> claims, claiming we might be able to extract $150,000 in damages from
> you. Desolee, vraiment. It's regrettable when computer geeks have
> irrational reactions to simple everyday letters like that, but what can
> you do?
> You send an SMS or IM text message on your smartphone, and Carrier IQ
> gets the entire text and all data. You open an HTTPS connection to your
> _bank_, and Carrier IQ gets the entire text and all data.
> Which telco-loaded smartphones have this thing built in? Hell, which
> don't? It's on 'most Android, BlackBerry and Nokia devices', according
> to Adam Clark Estes of _The Atlantic Wire_ (linked story above).
> Eckhart has found the application on devices from Samsung, HTC, Nokia
> and RIM, and Carrier IQ claims on its website that it has installed
> the program on more than 140 million handsets.
> [RM: Yep, see the front page at http://www.carrieriq.com/ ]
> IN SOVIET TELCO, VENDOR SELL YOU
> People, people, people. Was nobody paying attention? One of the first
> lessons of the marketplace is how to determine when you are the
> customer, and when you are the product. (E.g., all of you lemmings
> using 'free' webmail providers are definitely and solely product, not
> To this day, I am not willing to trust smartphones generally --
> especially ones provided via telcos -- not so much because telco data
> plans tend to be heinously expensive as because there is too much
> temptation to, and precedent for, spying on my use of the phone and
> abusing the data. The history of embedded appliances, including
> embedded Linux, strongly suggests that the only way to prevent that is
> to make it physically impossible. Because otherwise, you will be sold.
> Making it physically impossible entails the smartphone's software being
> provided by me, not the telco, for it to be 100% open source (such as
> the CyanogenMod community build of Android), and for it to be under my
> control so that it runs only the processes I tell it to.
> Exactly the same with computers, by the way.
> Carrier IQ may be facing a big-ass class-action lawsuit:
> But, of course, they are hanging tough with the standard company line
> that (freely interpreted) amounts to 'We're not logging individual
> customer data, only storing anonymised metrics about performance,
> operational problems, and quality assurance, and, besides, it's standard
> and covered by various contracts we have with carriers and
> manufacturers, and, besides, everyone does it.'
> It's important to realise that there's some truth to what they say:
> The attitude that all the middlemen are entitled to help themselves to
> the user's data, and then claim it was all just for anonymised metrics /
> quality control / performance and certainly We Weren't Doing Anything
> Wrong, And Also, Everyone Does It, and, besides, it's all for your own
> good, and there's a wugga-wugga something to opt out if you're
> ungrateful and don't want this help -- is something you'll hear every time
> you encounter hanky panky, expose it to public view, and call bullshit
> on the cease-and-desist letter that follows.
> The only way out is to insist on a smartphone that does only what you
> tell it to, and whose initial software is from parties you can
> reasonably trust.
> The CyanogenMod people occasionally have feet of clay
> but at least not mud and sand like that metaphorical bridge.
Sent from my mobile device
Evan M. Inker