Amid widespread concern over an obscure piece of smart-phone diagnostic software that some experts say could be used to collect and transmit sensitive information, a leading academic has called on the industry to give users a one-click way to see what their gadgets are actually doing.
“It would be good to have some form of auditing function built into our devices,” says Jonathan Zittrain, a Harvard Law School professor and cofounder of the Berkman Center for Internet and Society. “The auditing function can be implemented by Apple and by handset makers through Android. Make it part of the ‘About’ tab. And it would show with whom the phone has been communicating and the sorts of things it has been sending.”
Zittrain raised the idea in an interview following a controversy over software developed by a small company called Carrier IQ. Installed on at least 140 million phones, the software is designed to operate in the background and send performance data from handsets to telecom carriers, allowing carriers to diagnose dropped calls and obtain other network information.
The company was thrown on the defensive recently when a security researcher, Trevor Eckhart, said the software collected more sensitive information including “geographical location of the device, the end user’s pressing of keys on the device, [and] usage history of the device,” and posted a video showing the software capturing the text of his text messages, Google search terms, and location information—even though he’d disabled his GPS.
Carrier IQ has taken issue with the dark implications of the researcher’s report. It says the details of the implementation were up to handset makers and that its product didn’t “record, store, or transmit” personal information. That stance has been backed up by some researchers who have nonetheless called for tighter control over what the software can do and—echoing Zittrain’s proposal—for more visibility for end users.
Already, some members of Congress have gotten involved, with Senator Al Franken, of Minnesota, demanding from Carrier IQ a detailed accounting of what data was collected and who got it, including whether law enforcement ever sought or obtained permission to use the technology as a back door for surveillance. The company is slated to reply to those questions on December 14.
There is no easy way for users to disable or remove the tool, which runs behind the scenes regardless of what the user is doing on the phone. But some handset makers, including HTC, have said they are exploring whether to allow consumers to opt out of data collection by Carrier IQ. And a security company, Bitdefender, last weekend released an app that can detect whether Carrier IQ is running on a phone. Another company, Whisper Systems, already offers Android apps that can help keep track of what different apps are up to on a device.
Catalin Cosoi, head of online threats at Bitdefender, however, says that inserting the Carrier IQ auditing function would have to be done at the operating system level, to which application developers do not have access. It would require a tweak by Apple to its iOS operating system, or by handset makers and networks using Android and other operating systems.
Until that happens, Cosoi adds, users have one other way to check what their smart phones are sending out: they can connect the phone to a laptop or PC running a traffic-sniffing program, such as Wireshark. But this is a fairly technical procedure, not the kind of simple function that users have come to expect on their phones.
Carriers and handset makers, including Apple, didn’t immediately return calls for comment on the transparency-app idea yesterday. AT&T replied to reiterate that it used Carrier IQ only for network maintenance, and did not address questions about whether it might give customers a way to audit data dispatches.
On the specifics of Carrier IQ, Zittrain says it is too soon to say how serious the matter might be. “It seems like there are competing empirical claims about what the software is doing,” he says. And until more is known, he says, it is not particularly useful to focus on what the software has the potential to do. “You could say any application or process on a traditional PC has the potential to wipe your hard drive or monitor its bits, too,” he notes.
But an easy-to-use auditing window would resolve the problem and prevent future controversies. “Why shouldn’t we know what our phones are up to?” says Zittrain.