Carrier IQ is just smarter than everyone else.

Just wait till Sen. Franken's personal love letter/text messages to George W become public. Then he will regret his decision to mess with the `IQ`

I don't see how IQ's activities could NOT be a violation of the law. I know phone carriers sneak a lot of stuff into their EULAs, but "permission to spy on your every keystroke" is a probably a bridge too far for even the most cynical company lawyer.

I don't always agree with Al, but I love his personality.

He is one of the few political figures who likes straight talk and minimum bullshiat.

/wouldn't mind having a chat over a beer or two ;)

I really dig having that dude as my Senator. For the first time in my life, I actually feel like I'm accurately represented in Congress.

Because People in power are Stupid: Carrier IQ is just smarter than everyone else.

Just wait till Sen. Franken's personal love letter/text messages to George W become public. Then he will regret his decision to mess with the `IQ`

....
:: chuckle ::

/appreciate your wit ;)

As someone who has aged years in the months that I had to spend on a helldesk, I must admit that there are times that I would have given my left nut to be able to access a person's usage history (including keystrokes and mouse movements).

But as a person who also uses the devices and apps that I had to troubleshoot, I'm damn glad that I wasn't able to. It's not a question of "If you don't do anything illegal, you shouldn't be worried", like everyone else upthread I'm more concerned with the legitimate things that I wish to hide.

Debugging tools have no place in a live environment.

daveinsurgent: PainInTheASP:
Debugging tools have no place in a live environment.

Know how I know you don't work with anything complicated?

I work with android apps and I have no problems with their stack traces, but stuff like this goes a bit beyond that. Or did I misunderstand your smartass coment?



java.lang.IllegalArgumentException: View not attached to window manager
at android.view.WindowManagerImpl.findViewLocked(WindowManagerImpl.java:3 55)
at android.view.WindowManagerImpl.removeView(WindowManagerImpl.java:200)
at android.view.Window$LocalWindowManager.removeView(Window.java:432)
at android.app.Dialog.dismissDialog(Dialog.java:278)
at android.app.Dialog.access$000(Dialog.java:71)
at android.app.Dialog$1.run(Dialog.java:111)
at android.app.Dialog.dismiss(Dialog.java:268)
at jackass.PainInTheASP'S.shiatty.android.app$1.handleMessage(AspHole.jav a:38)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:130)
at android.app.ActivityThread.main(ActivityThread.java:3806)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:507)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit. java:839)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:597)
at dalvik.system.NativeStart.main(Native Method)


/Jackass.

beer4breakfast: PainInTheASP: I work with android apps and I have no problems with their stack traces,

Any barely complex piece of software is going to have a logging facility.

Logging errors and where they have occurred, yes, I understand that. But keystrokes? I'm sorry, but I don't think that those kind of tools have any place in production applications.

beer4breakfast: PainInTheASP: beer4breakfast: PainInTheASP: I work with android apps and I have no problems with their stack traces,

Any barely complex piece of software is going to have a logging facility.

Logging errors and where they have occurred, yes, I understand that. But keystrokes? I'm sorry, but I don't think that those kind of tools have any place in production applications.

It's a low level debugger for an embedded phone platform. Of course it'll show key strokes. The video I saw also showed the garbage collector freeing memory. Who cares if it's showing to the user what the user is typing in? If I attached a trace to my land line and it showed the numbers as I was pressing them on a separate device should I freak out too? Only if it's shown this data is saved and sent to a third party should anybody be freaking out.

Okay, I think we may be arguing on the same side here. I read a Slashdot article yesterday that said that the data was being shipped back to CarrierIQ. I may be wrong, so here's the linked article with the video:
Slashdot Link (new window)

Wired Link (new window)

According to these articles, the info is being shipped off to CarrierIQ. That means--at the very least--it is susceptible to a man-in-the-middle attack. From the Wired article:

From there, the data - including the content of text messages - is sent to Carrier IQ's servers, in secret.

That tells me that it is being "collected".

Federal Wiretap Law, Title 18, Part 2, chapter 119, § 2510, Definitions:

(some info skipped)

"(4) "intercept" means the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.[1]
(5) "electronic, mechanical, or other device" means any device or apparatus which can be used to intercept a wire, oral, or electronic communication other than-

(a) any telephone or telegraph instrument, equipment or facility, or any component thereof,
(i) furnished to the subscriber or user by a provider of wire or electronic communication service in the ordinary course of its business and being used by the subscriber or user in the ordinary course of its business or furnished by such subscriber or user for connection to the facilities of such service and used in the ordinary course of its business; or
(ii) being used by a provider of wire or electronic communication service in the ordinary course of its business, or by an investigative or law enforcement officer in the ordinary course of his duties;"

So that essentially says that if your employer supplies you with your phone or email, you have no right to an expectation of privacy.

(12) "electronic communication" means any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce, but does not include-"

Now the fun part: § 2511:
"§ 2511. Interception and disclosure of wire, oral, or electronic communications prohibited
(1) Except as otherwise specifically provided in this chapter any person who-
(a) intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;
(b) intentionally uses, endeavors to use, or procures any other person to use or endeavor to use any electronic, mechanical, or other device to intercept any oral communication when- "

(some skipped)

"shall be punished as provided in subsection (4) or shall be subject to suit as provided in subsection (5). "

If you read on, you'll find that there are, of course, exceptions to situations where you're aware you're being recorded or have reasonable expectations of such. For example, if you call a police department, even if they don't TELL you you're being recorded, it is reasonable to assume that you will be (can't remember the court case off the top, but it's out there). Now, if CIQ or Sprint or whoever had given you the option to NOT be tracked, to not have text messages logged, and you said, explicitly, that it's OK for them to do all that, you don't have a pot to piss in. However as noted by the person in the video, none of them have in their license any mention of CIQ. Also, there is no mention made regarding contents of text messages. Not a sausage.

I'd lay pretty good odds this goes to full on class action, and that CIQ gets thrown under the bus. The carriers knew full well what was going on, and deliberately withheld that information, but there's not an ice cube's chance in hell Verizon or anyone else will see so much as a dime in fines.