Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Android Electronic Frontier Foundation Cellphones Privacy Security Your Rights Online

EFF Reverse Engineers Carrier IQ 103

Posted by samzenpus from the see-how-it-ticks dept.
MrSeb writes "At this point we have a fairly good idea of what Carrier IQ is, and which manufacturers and carriers see fit to install it on their phones, but the Electronic Frontier Foundation — the preeminent protector of your digital rights — has taken it one step further and reverse engineered some of the program's code to work out what's actually going on. There are three parts to a Carrier IQ installation on your phone: The program itself, which captures your keystrokes and other 'metrics'; a configuration file, which varies from handset to handset and carrier to carrier; and a database that stores your actions until it can be transmitted to the carrier. It turns out that that the config profiles are completely unencrypted, and thus very easy to crack."
This discussion has been archived. No new comments can be posted.

EFF Reverse Engineers Carrier IQ More

EFF Reverse Engineers Carrier IQ

Comments Filter:

  • If it's unencrypted... (Score:5, Funny)

    by Anonymous Coward on Friday December 23, 2011 @09:09AM (#38470318)

    ...why would anyone have to crack it? Just open and read it. BRB, I'm going to 'crack' these jpegs of naked ladies.

  • Re:If it's unencrypted... (Score:5, Funny)

    by Anonymous Coward on Friday December 23, 2011 @09:25AM (#38470402)

    Indeed. Anyone who has worked with any sort of Perl source code knows just how true your statement is. It's unencrypted, it's not (intentionally) obfuscated, and it may even have comments, but it's not human-readable, even after you've worked extensively with Perl for a couple of decades.

  • Re:If it's unencrypted... (Score:2, Funny)

    by Tsingi ( 870990 ) <[graham.rick] [at] [gmail.com]> on Friday December 23, 2011 @09:37AM (#38470466)

    it's not human-readable, even after you've worked extensively with Perl for a couple of decades.

    Which pretty much makes you a masochist. I used perl for a project once because it was the only language I could get to talk to MSSQL from Linux without screwing up. I dread maintaining it.

  • Re:If it's unencrypted... (Score:5, Funny)

    by c ( 8461 ) <beauregardcp@gmail.com> on Friday December 23, 2011 @10:32AM (#38470838)

    > It was also written in forth, of all things. So it's like finally figuring out the compression
    > scheme and decoding the file - only to find out that it is an image of naked lady *martians*.

    Er... you do realize this is slashdot, and to an entire generation of nerds who spent most of their post-pubescent lives lusting after Star Trek aliens, both real-live implementations of "forth" and images of "naked lady martians" are considered a good thing to find inside compressed, encrypted binary blobs?

    Stick with something safe, like car analogies.

  • Re:If it's unencrypted... (Score:5, Funny)

    by Anonymous Coward on Friday December 23, 2011 @11:10AM (#38471228)

    Ever look at LISP code. Looks like fingernail clippings in oatmeal.

  • Re:android? (Score:4, Funny)

    by Culture20 ( 968837 ) on Friday December 23, 2011 @11:53AM (#38471816)

    why isn't there an iPhone/iOS-related tag?

    Because Apple vowed that it was never installed, and that it was disabled by default when it was installed.

Slashdot Top Deals

For God's sake, stop researching for a while and begin to think!

Close