Feeds

Crap mobile networks shamed by Carrier IQ API

Snoopware biz begs for forgiveness by dishing telco dirt

3 Big data security analytics techniques

MWC 2012 Caught-out cellphone snoopster Carrier IQ has decided to come clean, hoping that punters will be prepared to have their phones' behaviour logged if they get to see the data too.

On Monday the company launched an API which allows network operators to create self-service portals showing customers how many times they've dropped off the network, or failed to connect due to network congestion. They'll also be able to see just why their data speeds were so slow, and what's eating their battery life: all the stuff that got Carrier IQ burnt when customers discovered it was logging without their permission.

Carrier IQ was set up in 2005, originally to monitor handset performance on behalf of the network operators. Manufacturers would make claims about performance or battery life, then blame the network when the handset failed to live up to them. So the network operators would drop Carrier IQ's software into the phone to find out what was happening. Carrier IQ monitors signal quality, battery consumption, running applications and suchlike, then reports it all back to the network operator who can use it to beat up the manufacturer.

Handset makers then got interested in having the data themselves, so they could be warned of opponents' assaults operators' concerns, all of which was great news for Carrier IQ who had a merry time supplying information to both sides. Until the users noticed.

Turns out that people don't like to be spied on by their network operators, or their handset manufacturers, and certainly not by both. Sprint publicly decried the software and more than 25 per cent of Carrier IQ's business disappeared overnight.

Carrier IQ had never tried to be secret, and neither did the operators, and seemed genuinely surprised at the fuss caused by what they considered to be a network tool. That might be hard to believe, but it's worth remembering that users are monitored all the time from the network side - location is tracked and stored for law-enforcement, every handoff between cells is recorded for traffic analysis, every dropped call is logged by network maintenance. Carrier IQ saw what it was doing as an incremental step, users saw it as a step over the line of acceptability.

The company is now betting that it was the apparent secrecy which upset people, rather than the collection of the data itself. By providing APIs Carrier IQ hopes network operators will create customer-facing portals to display what's eating the battery, how many times one's Android phone has crashed and which application was run directly prior to each crash. In theory that should reduce customer support calls, which are very expensive for the network operators, enabling the application to pay for itself.

Network operators could also display information about network congestion, if they so desired. Carrier IQ collects data on calls dropped due to a weak signal, but also those left hanging by an overloaded cell site. Users could, in theory, see if the slowness of their data connection was down to cell loading, a weak radio signal, or an insufficient backhaul connection, providing them with ammunition with which to beat up the network operator.

It's hard to imagine network operators choosing to share data to that depth, especially with their competition, but if they don't then users might decide that Carrier IQ isn't worth having at all, and if punters decide they don't want it then no operator will take the chance of being caught out again. ®

Top three mobile application threats

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.