A developer for Google's Android mobile phone operating system has exposed what has the potential to be the most significant user privacy security vulnerability ever discovered in any computing device.
In a video posted to YouTube, Connecticut-based developer Trevor Eckhard has demonstrated how a program called Carrier IQ logs an astonishing amount of information about every aspect of mobile device use — from the full-text of SMS messages to the URL of every website visited using the device, not to mention every single keystroke that a user enters into their phone or tablet.
The Carrier IQ software is made by an eponymous company based in Silicon Valley (www.carrieriq.com) and is now known to come preinstalled on Android phones sold by many major carriers, including Sprint in the United States. The software launches automatically whenever a device on which it is installed is powered up, and there appears to be no way to disable or delete the software without “rooting” the device. It has not yet been confirmed whether the software is preinstalled on devices running operating systems other than Android, although this seems very likely given that a media alert issued by Carrier IQ earlier this month explains that its software is used for “counting and measuring operational information in mobile devices” including “feature phones, smart phones and tablets.”
Please see full publication below for more information.