nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Used your smartphone to log into your network?

From: Rich Kulawiec <rsk () gsp org>
Date: Wed, 30 Nov 2011 11:51:17 -0500
If so, this might be a good time to change passwords, and to review
what other information has transited your phone.

(Note: androidsecuritytest.com appears to be slashdotted at the moment.)

November 16: initial reports of Carrier IQ spyware surface:
        
        CarrierIQ: Most Phones Ship With "Rootkit"
        http://yro.slashdot.org/story/11/11/16/1517248/carrieriq-most-phones-ship-with-rootkit

        The Rookit of All Evil
        http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/

        More on CarrierIQ
        http://www.xda-developers.com/android/more-on-carrier-iq/

all of which reference the research presented here:
        
        Carrier IQ
        http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/


November 22: Carrier IQ threatens security researcher Trevor Eckhart:

        CarrierIQ Tries To Silence Security Researcher
        http://mobile.slashdot.org/story/11/11/23/0032233/carrieriq-tries-to-silence-security-researcher

        Mobile Rootkit Maker Tries to Silence Critical Android Dev
        http://www.wired.com/threatlevel/2011/11/rootkit-brouhaha/


November 24:  Carrier IQ backs off its threats, says that it doesn't track Android users

        Carrier IQ Relents, Apologizes
        http://yro.slashdot.org/story/11/11/24/1852213/carrier-iq-relents-apologizes

        Carrier IQ retracts cease and desist letter sent to security researcher, says it doesn't track Android users
        http://www.theverge.com/2011/11/23/2583862/carrier-iq-retracts-cease-and-desist-letter-sent-to-xda-developers


November 29: Further research by Trevor Eckhart shows Carrier IQ spyware logs ALL keystrokes

        Android Dev Demonstrates CarrierIQ Phone Logging Software On Video
        
http://yro.slashdot.org/story/11/11/30/0423256/android-dev-demonstrates-carrieriq-phone-logging-software-on-video

        Researcher's Video Shows Secret Software on Millions of Phones Logging Everything
        http://www.wired.com/threatlevel/2011/11/secret-software-logging-video

        The Storm Is Not Over Yet -- Lets Talk About #CIQ       
        http://www.xda-developers.com/android/the-storm-is-not-over-yet-lets-talk-about-ciq/

all of which reference this research:

        Carrier IQ Part 2
        http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/carrieriq-part2/

---rsk
Previous By Date Next
Previous By Thread Next

Current thread: