azrienoch · Nov 15, 2011 at 08:21 pm

More on Carrier IQ

This article intends to extrapolate the implications of egzthunder1’s article on Carrier IQ, and to comment on the responses by Carrier IQ, HTC, and Sprint, given in Russell Holly’s article on Geek.com.

The point–short, sweet, and at the beginning of the article–is that we do not get to choose whether this information is collected.  Or who sees it.  Authorized employees only?  Marketing and polling firms?  Law enforcement?  All rhetorical questions, because we don’t know.

To be clear, the “information” I’m talking about are the Android intents logged by Carrier IQ, discovered by TrevE, which include your location, when you open an app and what app you open, what media you play and when you play it, when you receive an SMS, when you receive a call,  when your screen turns off or on, and what keys you press in your phone dialer.

Assuming the best, these companies want to know every detail about you so that they can update services to bring you the best products possible.  Note, however, that there is no log to show that the best product possible is one in which data about me is not collected.

If this data collection means little to you, think about this:  If Google’s vision of Android@Home comes true, these companies will know when you eat, when you sleep, when your house is empty.  They will know when you buy food by your refrigerator temperature, when and how you cook that food, and when you wash the dishes.  They will know how long you spend in each room of your house, based on when you flip the light switch.  And so on.  That’s only the uses Google presented at Google I/O 2011.

Nevermind the very real possibility of exploits that would give criminals all this information.  And still assuming the best, it’s not that we think Sprint employees would rob us based on all that information.  The question is, who needs information like that, anyway?  And who needs all the information currently gathered?  Nobody with good intentions.  While each of these companies may have good intentions, that’s still the impression.  It’s also not that I think I, personally, would be incriminated by that data.  It’s simply my life.  Mine.  No company has any excuse for stealing that.  No matter the reason.

So I find it interesting that each company’s response blames someone else as an excuse for our data being collected.  Carrier IQ says they provide a service that collects data, and what is done with that data is up to the manufacturers and carriers.  HTC says they put it on their phones because the carriers tell them to.  Sprint says it’s on their phones because we, their customers, obligate them to do so.  And if there’s one certainty in any blame game, it’s that blame is used to minimize your own guilt.

Carrier IQ, you sound like J. Robert Oppenheimer on the day Hiroshima was bombed.  HTC, if you refused to let it on your phones, you may get less money from carriers, but at least you won’t betray the people who want so desperately to fall in love with your work.  (Though, based on your implementation of HTCLogger and TellHTC, I doubt you have the heartstrings to pull.)  And Sprint, do not blame us.  Not when you don’t give us the option to opt out.  We gave you no obligation, because we gave you no permission.

Here is a list of options you have to begin regaining our trust, in order from most to least acceptable:

1)  Discontinue automatic data collection and publicly apologize for abusing your customers.

2)  Give us full–and I mean full–development access to our devices, including proprietary source codes, so we may offer people the best alternatives to your invasion of privacy.

3)  Publicly disclose every single customer you sold our information to, what you sold them, and give us the names and business addresses of every person with access, current or past, to your Carrier IQ Portal.

4)  Publicly disclose all the information gathered, in detail, and explain the exact methods used to keep our data anonymous.  Oh, and make it anonymous, whether we opt in or not.*

5)  Adopt a policy that allows anyone who cites privacy concerns to terminate their contract, no matter how far they are into the contract term, without any fees or payments outside what is owed up to that point.

 

*This won’t really score any brownie points with us.  It’s simply the bare minimum of what you should be doing already, and are not.  Don’t bother pointing at the fine print on the service and purchase agreements.  I found my grandfather’s magnifying glass to read it.  You didn’t list all the information you gather, let alone in detail.  Nor did you explain your methods for keeping the information anonymous.  And based on the training manuals downloaded from the Carrier IQ site, “anonymous” simply isn’t the word for it.  Not even you should know whose data it is.


_________
Want something on the XDA Portal? Send us a tip!
Emil Kako · Jan 31, 2015 at 02:59 pm · 1 comment

Do You Prefer Physical or on Screen Buttons?

More and more smartphone manufacturers have been moving towards on-screen buttons, with Google really pushing for it over the physical button alternative. However, there are still a few OEMs (we're looking at you, Samsung) that have preferred to keep things a bit more traditional. Tell us which way you prefer and why.

DISCUSS
Pulser_G2 · Jan 31, 2015 at 02:08 pm · no comments

New AOSP Branch Details Potential Build System Upgrades?

While there are frequent unexplained changes and pushes to Google's AOSP repositories, an interesting-looking new branch has been pushed out recently, called "master-soong". Taking a look at the changes made to the manifest repository (which is used to specify the repositories to be downloaded when building Android), it appears there are some new repositories making an appearance. Of note here are new prebuilt repositories for Go, and Ninja. Go is a programming language, created by Google, which compiles to produce...

XDA NEWS
GermainZ · Jan 30, 2015 at 09:29 pm · 1 comment

Send Links to Any Nearby Device with CaastMe

There already are many solutions on the Google Play store if you want to send a link to one of your devices -- but what if you wanted to do it quickly without having to install any software or logging in to a website on the recipient end? Most apps require you to do either or both, which can be a hassle (or even a security risk) in some cases. Luckily, XDA Forum Member wyemun has developed CaastMe. Inspired by...

XDA NEWS