Addendum to my previous post. The carrier involved is CarrierIQ (I previously thought that was the name of the software) and the information is being sent to the CarrierIQ servers!
C On 30/11/2011, at 20:10 , cm wrote: > A "so-called" researcher has found key logging software on an HTC Android > phone. The key logger cannot be disabled and is on automatically -- there is > neither opt-in or opt-out options and one of the key logger's processes is > hidden from the running process list. Every single phone keypad key-press is > recorded as is every URL entered into the browser, even if the browser is > using Google secure search mode. The users position is also reported even if > the user has opted out of the location service. > > I am not sure how widespread this software is or which carriers are involved > but the article says the software is on millions of phones. It is also not > clear yet if anyone is receiving this information but it is certainly in the > log on the phone. > > Here is a 17 minute video which I watched in its entirety because it > interests me, but you may want to skip to the middle where he shows the key > logging in action > > http://www.wired.com/threatlevel/2011/11/secret-software-logging-video > > This is a bit of a black eye for the open-is-better Android bunch where > rather than open software what they are really running is a version that > their carrier has tampered with and they have not even been aware of this. If > the carrier had done a slightly better job of covering its track, not even > the researcher would have noticed. > > Cheers, > Carlo -- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
