Feeds

Crap mobile networks shamed by Carrier IQ API

Snoopware biz begs for forgiveness by dishing telco dirt

Application security programs and practises

MWC 2012 Caught-out cellphone snoopster Carrier IQ has decided to come clean, hoping that punters will be prepared to have their phones' behaviour logged if they get to see the data too.

On Monday the company launched an API which allows network operators to create self-service portals showing customers how many times they've dropped off the network, or failed to connect due to network congestion. They'll also be able to see just why their data speeds were so slow, and what's eating their battery life: all the stuff that got Carrier IQ burnt when customers discovered it was logging without their permission.

Carrier IQ was set up in 2005, originally to monitor handset performance on behalf of the network operators. Manufacturers would make claims about performance or battery life, then blame the network when the handset failed to live up to them. So the network operators would drop Carrier IQ's software into the phone to find out what was happening. Carrier IQ monitors signal quality, battery consumption, running applications and suchlike, then reports it all back to the network operator who can use it to beat up the manufacturer.

Handset makers then got interested in having the data themselves, so they could be warned of opponents' assaults operators' concerns, all of which was great news for Carrier IQ who had a merry time supplying information to both sides. Until the users noticed.

Turns out that people don't like to be spied on by their network operators, or their handset manufacturers, and certainly not by both. Sprint publicly decried the software and more than 25 per cent of Carrier IQ's business disappeared overnight.

Carrier IQ had never tried to be secret, and neither did the operators, and seemed genuinely surprised at the fuss caused by what they considered to be a network tool. That might be hard to believe, but it's worth remembering that users are monitored all the time from the network side - location is tracked and stored for law-enforcement, every handoff between cells is recorded for traffic analysis, every dropped call is logged by network maintenance. Carrier IQ saw what it was doing as an incremental step, users saw it as a step over the line of acceptability.

The company is now betting that it was the apparent secrecy which upset people, rather than the collection of the data itself. By providing APIs Carrier IQ hopes network operators will create customer-facing portals to display what's eating the battery, how many times one's Android phone has crashed and which application was run directly prior to each crash. In theory that should reduce customer support calls, which are very expensive for the network operators, enabling the application to pay for itself.

Network operators could also display information about network congestion, if they so desired. Carrier IQ collects data on calls dropped due to a weak signal, but also those left hanging by an overloaded cell site. Users could, in theory, see if the slowness of their data connection was down to cell loading, a weak radio signal, or an insufficient backhaul connection, providing them with ammunition with which to beat up the network operator.

It's hard to imagine network operators choosing to share data to that depth, especially with their competition, but if they don't then users might decide that Carrier IQ isn't worth having at all, and if punters decide they don't want it then no operator will take the chance of being caught out again. ®

HP ProLiant Gen8: Integrated lifecycle automation

More from The Register

next story
Google Nest, ARM, Samsung pull out Thread to strangle ZigBee
But there's a flaw in Google's IP-based IoT system
Orange spent weekend spamming customers with TXTs
Zero, not infinity, is the Magic Number customers want
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
NBN Co execs: No FTTN product until 2015
Faster? Not yet. Cheaper? No data
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.