Keylogging Spyware Carrier IQ Also Comes Installed On Many iPhones! Here’s How To Turn It Off



The Carrier IQ scandal has broken everywhere since we first reported it yesterday morning. The invasive rootkit is installed on over 140 million phones the world over, and logs everything you do with your device, from the numbers you dial to the smutty pictures you send to your girlfriend.

Yesterday, we reported the story as one proving Steve Jobs right about how Android tracks everything you do, but a day later, things seem a lot less black and white. Carrier IQ’s software comes pre-installed on other devices besides Android, like BlackBerrys and Nokias, and as even the name of the software suggests, seems to be something installed by carriers. And, as it turns out, some iPhones. Luckily, disabling it is the easiest thing in the world, and it logs none of your personal information, unlike the software’s more nefarious Android counterpart.

Developer and hacker chpwn explains how Carrier IQ works:

Carrier IQ, the now infamous “rootkit” or “keylogger”, is not just for Android, Symbian,BlackBerry, and even webOS. In fact, up through and including iOS 5, Apple has included a copy of Carrier IQ on the iPhone. However, it does appears to be disabled along with diagnostics enabled on iOS 5; older versions may send back information in more cases. Because of that, if you want to disable Carrier IQ on your iOS 5 device, turning off “Diagnostics and Usage” in Settings appears to be enough.

In other words, all you need to do is install iOS 5 and turn off “Diagnostics and Usage” and Carrier IQ is nuked. Even if you don’t, though, it’s far less dangerous on iOS:

Importantly, it does not appear the daemon has any access or communication with the UI layer, where text entry is done. I am reasonably sure it has no access to typed text, web history, passwords, browsing history, or text messages, and as such is not sending any of this data remotely.

So it seems on iOS, at least, Carrier IQ is fulfilling its function of allowing carriers and Apple to diagnose problems with a handset. It stores only a limited amount of information, none of it personal, and can easily be opted out on. On Android devices, however, it logs everything, may or may not be sending your personal data to external servers and is impossible to shut off. So while Carrier IQ may not be unique to Android, the nefarious aspects of the software certainly seem to be,

  • applewax

    Um, I do not see a “Diagnostics and Usage” in the Settings of my iPhone 4S.  (Yes, I looked in “General”.)  Maybe because I said “No” to “Send anonymous info to Apple” during initial set-up?  Thoughts?

  • macgizmo

    I’ve kept mine on. As long as Apple doesn’t tell my wife about the smutty pictures I exchange with my girlfriend, I could care less what they know about me ;)

  • Justin Gilbert

    Its under General, then About, then at the bottom it says, “Diagnostics & Usage”.  On the next page, it is set by default to “Don’t Send” but you can check it there.

  • Kris Triplett

    It’s under General -> About

  • Gene

    Ah, more link bait.
    The article clearly states that the iOS implementation is NOT keylogging software, but your headline insinuates that it is to encourage page views.

  • gareth edwards

    John man, piss poor headline. Come on, get a grip with the naming of this article.

  • GH

    What the hell is COM becoming?  jesus.

  • E V

    Actually, on the iPhone 4S running iOS 5, there are two separate “Diagnostics & Usage”. Should both be turned off? The first one is, as Justin Gilbert stated, Settings -> General -> About -> Diagnostics & Usage. The second one is: Settings -> Location Services -> System Services -> “Diagnostics & Usage”. So what we need here is context. What differentiates the first “Diagnostics & Usage” from the second on in Location Services? Do both need to be turned off in order to be confident that Carrier IQ is not being recorded? What gives?

  • BW Manx

    To be clear…this isn’t all Android phones.  It appears to be carrier specific.  Verizon phones in all flavors don’t have it.  Nexus phones do not have it on any carrier.  Instead of making this a “Phone War”, all consumers should demand the best policies from carriers when it comes to privacy and data collection.

  • applewax

    Ah.  Got it.  Thanks!

  • volodoscope

    I have mine on, as long as Apple is not an advertising company like Google.

  • RawBob

    Gimme a break.  That’s their whole business model.

    That’s why we call him Perez Brownlee.

  • RawBob

    Oh come on.

    That’s the whole “Cult” business model.  And “news editor” Perez Brownlee is leading the charge.

  • djrobsd

    Great find.  I already had the first one turned off after batterygate, but I went ahead and turned off the other one under location services.  

  • gareth edwards

    hahahahahahahaha – OMG! All we need is some ‘Bieber sits on my Laptop HAWT!” headlines and we’re done.