Feeds

Crap mobile networks shamed by Carrier IQ API

Snoopware biz begs for forgiveness by dishing telco dirt

Security for virtualized datacentres

MWC 2012 Caught-out cellphone snoopster Carrier IQ has decided to come clean, hoping that punters will be prepared to have their phones' behaviour logged if they get to see the data too.

On Monday the company launched an API which allows network operators to create self-service portals showing customers how many times they've dropped off the network, or failed to connect due to network congestion. They'll also be able to see just why their data speeds were so slow, and what's eating their battery life: all the stuff that got Carrier IQ burnt when customers discovered it was logging without their permission.

Carrier IQ was set up in 2005, originally to monitor handset performance on behalf of the network operators. Manufacturers would make claims about performance or battery life, then blame the network when the handset failed to live up to them. So the network operators would drop Carrier IQ's software into the phone to find out what was happening. Carrier IQ monitors signal quality, battery consumption, running applications and suchlike, then reports it all back to the network operator who can use it to beat up the manufacturer.

Handset makers then got interested in having the data themselves, so they could be warned of opponents' assaults operators' concerns, all of which was great news for Carrier IQ who had a merry time supplying information to both sides. Until the users noticed.

Turns out that people don't like to be spied on by their network operators, or their handset manufacturers, and certainly not by both. Sprint publicly decried the software and more than 25 per cent of Carrier IQ's business disappeared overnight.

Carrier IQ had never tried to be secret, and neither did the operators, and seemed genuinely surprised at the fuss caused by what they considered to be a network tool. That might be hard to believe, but it's worth remembering that users are monitored all the time from the network side - location is tracked and stored for law-enforcement, every handoff between cells is recorded for traffic analysis, every dropped call is logged by network maintenance. Carrier IQ saw what it was doing as an incremental step, users saw it as a step over the line of acceptability.

The company is now betting that it was the apparent secrecy which upset people, rather than the collection of the data itself. By providing APIs Carrier IQ hopes network operators will create customer-facing portals to display what's eating the battery, how many times one's Android phone has crashed and which application was run directly prior to each crash. In theory that should reduce customer support calls, which are very expensive for the network operators, enabling the application to pay for itself.

Network operators could also display information about network congestion, if they so desired. Carrier IQ collects data on calls dropped due to a weak signal, but also those left hanging by an overloaded cell site. Users could, in theory, see if the slowness of their data connection was down to cell loading, a weak radio signal, or an insufficient backhaul connection, providing them with ammunition with which to beat up the network operator.

It's hard to imagine network operators choosing to share data to that depth, especially with their competition, but if they don't then users might decide that Carrier IQ isn't worth having at all, and if punters decide they don't want it then no operator will take the chance of being caught out again. ®

Protecting against web application threats using SSL

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.