So, what information do these background processes provide to carriers? Key presses, which apps are run, phone number and SMS logs and geographic data. The process has permissions to basically everything. Add this to the information carriers naturally have about you (like which cell tower you’re near, what your monthly usage and data patterns are) and they have a far more detailed picture that they would otherwise. CarrierIQ has , though their lawsuit (now dropped) against the security researcher who found the rootkit, may leave a bitter taste with many.
This is undoubtedly going beyond what most people would be comfortable with. However, it’s hardly surprising. Such information gathering occurs on many levels, even with website tracking cookies, or when you’re walking around shopping malls (see previous post). What the important takeaway with CarrierIQ is not that your information is compromised, it’s that it has the potential to be compromised AND it’s in the hands of a third party (one which many did not even know existed before this). It’s also encouraging to see that people still care about what’s running on their devices and want control over their own information, though many will be indifferent in this day and age of oversharing.
How does one tell if this is running on their phone? You can run the Logging Check app (http://forum.xda-developers.com/showpost.php?p=17612559&postcount=110) if you have root access. If you have an OEM-ROM’ed device, such as a factory Samsung or HTC device, odds are good that it’s running on your system. If you’re running an AOSP build, such as CyanogenMod or MIUI (which you SHOULD be ;), then you do not have this running.
More information from Trevor Eckhart here: http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/
You can read CarrierIQ’s press release defending itself here: http://www.carrieriq.com/Media_Alert_User_Experience_Matters_11_16_11.pdf