Dustin wrote:
> Virus Guy<Virus@Guy.com> wrote in news:4EDD3259.E3A1ADB3@Guy.com:
>
>> http://www.wired.com/threatlevel/201...tkit-brouhaha/
>>
>> Mobile ‘Rootkit’ Maker Tries to Silence Critical Android Dev
>> November 22, 2011
>>
>> A data-logging software company is seeking to squash an Android
>> developer’s critical research into its software that is secretly
>> installed on millions of phones, but Trevor Eckhart is refusing to
>> publicly apologize for his research and remove the company’s training
>> manuals from his website.
>>
>> Though the software is installed on millions of Android, BlackBerry and
>> Nokia phones, Carrier IQ was virtually unknown until the 25-year-old
>> Eckhart analyzed its workings, recently revealing that the software
>> secretly chronicles a user’s phone experience, from its apps, battery
>> life and texts. Some carriers prevent users who actually find the
>> software from controlling what information is sent.
>>
>> http://androidsecuritytest.com/featu...oggers/carrier
>> iq/
>>
>> Eckhart called the software a “rootkit,” a security term that refers to
>> software installed at a low-level on a device, without a user’s consent
>> or knowledge in order to secretly intercept the device’s workings.
>> Malware such as keyloggers and trojans are two examples.
>>
>> He also mirrored the Mountain View, Calif. company’s training manuals
>> he’d found on Carrier IQ’s publicly available website. The manuals
>> provide a limited roadmap for how Carrier IQ works, Eckhart said in a
>> telephone interview.
>>
>> When Carrier IQ discovered Eckhart’s recent research and his posting of
>> those manuals, Carrier IQ sent him a cease-and-desist notice:
>>
>> https://www.eff.org/sites/default/fi...t_demand_redac
>> ted.pdf
>>
>> saying Eckhart was in breach of copyright law and could face damages of
>> as much as $150,000, the maximum allowed under U.S. copyright law per
>> violation. The company removed the manuals from its own website, as
>> well.
>>
>> On Monday, the Electronic Frontier Foundation announced it had came to
>> the assistance of the 25-year-old Eckhart of Connecticut, whom Carrier
>> IQ claims has breached copyright law for reposting the manuals.
>>
>> “I’m mirroring the stuff so other people are able to read this and
>> verify my research,” he said. “I’m just a little guy. I’m not doing
>> anything malicious.”
>>
>> The company is demanding Eckhart retract (.pdf) his “rootkit”
>> characterization of the software, which is employed by most major
>> carriers, Eckhart said.
>>
>> The EFF says Eckhart’s posting of the files is protected by fair use
>> under the Copyright Act for criticism, commentary, news reporting and
>> research, and that all of Carrier IQ’s claims and demands are
>> “baseless.”
>>
>> https://www.eff.org/sites/default/fi...d_response.pdf
>>
>> Andrew Coward, Carrier IQ’s marketing manager, said in a telephone
>> interview Tuesday that the company, not Eckhart, should be in “control”
>> of the manuals. “Whatever content we distribute we want to be in
>> control of that,” he said. “I think obviously, any company wants to be
>> responsible for the information that gets distributed.” He said “legal
>> matters” prohibited the 6-year-old company from discussing the Eckhart
>> flap further.
>>
>> He said the company’s wares are for “gathering information off the
>> handset to understand the mobile-user experience, where phone calls are
>> dropped, where signal quality is poor, why applications crash and
>> battery life.”
>>
>> “We’re not looking at texts. We’re counting things. How many texts did
>> you send and how many failed. That’s the level of metrics that are being
>> gathered,” he said.
>>
>> He answered “probably yes” when asked whether the company could read the
>> text messages if it wanted.
>>
>> Marcia Hofmann, an EFF senior staff attorney, said the civil rights
>> group has concluded that “Carrier IQ’s real goal is to suppress
>> Eckhart’s research and prevent others from verifying his findings.”
>>
>> In a Monday letter to Carrier IQ, Hofmann said Eckhart’s speech was
>> protected by the First Amendment.
>>
>> What’s more, the company is demanding that Eckhart inform Carrier IQ of
>> the names of all persons to which Eckhart has forwarded the training
>> material. The company also wants Eckhart to send “written retractions”
>> to everybody who has viewed his research in hard copy or on the web.
>>
>> Among other things, Carrier IQ insists that Eckhart retract his “root
>> kit” characterization of the unremovable software, and other statements,
>> by issuing a press release to The Associated Press.
>>
>> In 2005, Sony came under fire for installing a rootkit on music CDs.
>> Security expert Bruce Schneier wrote then that “The Sony code modifies
>> Windows so you can’t tell it’s there, a process called ‘cloaking’ in the
>> hacker world. It acts as spyware, surreptitiously sending information
>> about you to Sony. And it can’t be removed; trying to get rid of it
>> damages Windows.”
>>
>> In a letter to Eckhart, Carrier IQ said, “If you do not comply with
>> these cease and desist demands within this time period, please be
>> advised the Carrier IQ, Inc. will pursue all available legal remedies,
>> including seeking monetary damages, injunctive relief, and an order that
>> you pay court costs and attorney’s fees.”
>>
>> The deadline expired Nov. 18, but so far Carrier IQ has not made good on
>> its threats.
>>
>
> Hi Virus Guy..
>
> Feel free to post any updates to this you find. I'm interested in what
> happens as a result of his research.
>
>
https://www.eff.org/sites/default/fi...d_response.pdf