Doesn’t Matter

The problem with diagnostic monitoring, though, is that phone companies don’t say how they do it. What kind of information can they collect from your phone? How often? What do they do to ensure that the data isn’t personally identifiable? Over the last few weeks we got some answers to these questions. They’re not pretty.

via Slate Magazine.

This story has been peculating for a couple of weeks on the Android development forums before Slate picked it up. Mr. Eckhart has done a valuable service to everyone by uncovering Carrier IQ. But it isn’t because he discovered this one program. It is because it brings to everyone’s attention what should be obvious but apparently isn’t. The makers of your phone, the carrier, and ultimately the .gov (sometimes by warrant and sometimes not), either know or can find out everything that your phone does. Discovering Carrier IQ, and even uninstalling it won’t fix that. They own the hardware and the software that goes on it, they can do and hide anything in it to trap any data they want. If you use a cellphone, nothing you do while it is on is private.

I use only Android phones that can be rooted and have community supported ROMs installed. This means that instead of the phone company or even Google providing the software, a group of developers who I don’t know provide the software. That sounds insane when I type it. But those developers publish their source code, other developers not affiliated with them review it. And if I like, and I have, I can get the source and compile it all up myself. So there is little chance of carrier or Google spyware making it onto my phone. However, the carrier provided the hardware in the first place. They can have the hardware programmed to do anything they want. In addition, there is the radio firmware (just software that gets put on the device) and we still don’t get to have that source. Although I make an effort for my phone to be as secure as possible; I’m still boned.

Most likely your life, like mine, is so boring that no one will care about what is on your phone. But that doesn’t make spying right or acceptable. However, right and acceptable are not a possible goal here. You have the phone, expect the carrier, the software vendor (Google, Apple, RIM), and ultimately the police to have access to anything that is on it.

The only way to keep that from happening is to turn it off, remove the battery, and leave it at home. Preferably in small pieces from a authoritative hammering and all melted together in the fire.

Both comments and trackbacks are currently closed.
%d bloggers like this: