Feeds

Crap mobile networks shamed by Carrier IQ API

Snoopware biz begs for forgiveness by dishing telco dirt

Internet Security Threat Report 2014

MWC 2012 Caught-out cellphone snoopster Carrier IQ has decided to come clean, hoping that punters will be prepared to have their phones' behaviour logged if they get to see the data too.

On Monday the company launched an API which allows network operators to create self-service portals showing customers how many times they've dropped off the network, or failed to connect due to network congestion. They'll also be able to see just why their data speeds were so slow, and what's eating their battery life: all the stuff that got Carrier IQ burnt when customers discovered it was logging without their permission.

Carrier IQ was set up in 2005, originally to monitor handset performance on behalf of the network operators. Manufacturers would make claims about performance or battery life, then blame the network when the handset failed to live up to them. So the network operators would drop Carrier IQ's software into the phone to find out what was happening. Carrier IQ monitors signal quality, battery consumption, running applications and suchlike, then reports it all back to the network operator who can use it to beat up the manufacturer.

Handset makers then got interested in having the data themselves, so they could be warned of opponents' assaults operators' concerns, all of which was great news for Carrier IQ who had a merry time supplying information to both sides. Until the users noticed.

Turns out that people don't like to be spied on by their network operators, or their handset manufacturers, and certainly not by both. Sprint publicly decried the software and more than 25 per cent of Carrier IQ's business disappeared overnight.

Carrier IQ had never tried to be secret, and neither did the operators, and seemed genuinely surprised at the fuss caused by what they considered to be a network tool. That might be hard to believe, but it's worth remembering that users are monitored all the time from the network side - location is tracked and stored for law-enforcement, every handoff between cells is recorded for traffic analysis, every dropped call is logged by network maintenance. Carrier IQ saw what it was doing as an incremental step, users saw it as a step over the line of acceptability.

The company is now betting that it was the apparent secrecy which upset people, rather than the collection of the data itself. By providing APIs Carrier IQ hopes network operators will create customer-facing portals to display what's eating the battery, how many times one's Android phone has crashed and which application was run directly prior to each crash. In theory that should reduce customer support calls, which are very expensive for the network operators, enabling the application to pay for itself.

Network operators could also display information about network congestion, if they so desired. Carrier IQ collects data on calls dropped due to a weak signal, but also those left hanging by an overloaded cell site. Users could, in theory, see if the slowness of their data connection was down to cell loading, a weak radio signal, or an insufficient backhaul connection, providing them with ammunition with which to beat up the network operator.

It's hard to imagine network operators choosing to share data to that depth, especially with their competition, but if they don't then users might decide that Carrier IQ isn't worth having at all, and if punters decide they don't want it then no operator will take the chance of being caught out again. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.