HTC Sneaks Spying App into Android 2.3.4 Phones

Looks like HTC has quietly slipped its users a spying app that tracks an alarming amount of user behavior and sends that data off to itself and perhaps others via a mysterious service in the cloud. The snooping app came nestled with the 2.3.4 Android update pushed out to some of its smartphones such as the Sensation 4G and EVO 4G.

TrevE and Team Synergy of the InfectedROM site (and XDA fame), discovered the app. HTC includes an application called Carrier IQ and Carrier IQ recently added a user-behavior logging feature called IQ Insight Experience Manager.

According to the Carrier IQ website: "IQ Insight Experience Manager uses data directly from the mobile phone itself to give a precise view of how users interact with both their phones and the services delivered through them, even if the phone is not communicating with the network. ... Identify exactly how your customers interact with services and which ones they use. See which content they consume, even offline."

But wait there's more. Turns out that after HTC collects these stats, CIQ isn't the only app with access to them. TrevE writes:

"CIQ is meant to monitor user activity and send logs off to wherever. Shortly after seeing this, team synergy went to work finding out exactly what was being done. ... Come to find out, CIQ is not the only part of android responsible for sending these stats. They get written out by framework to 4 major locations."

The four locations are ...

1- /data/system/appusagestats: Hosts a file that seems to collect every Android intent used on the phone. An intent is abstract description of an operation to be performed and is used, for instance, to launch activities. An intent is used to dial the phone, display the contact information and so on.

2- /data/system/usagestats - Team Synergy concluded that these are Google usage stats collecting much the same data as appusagestats and possibly sending this data somewhere else.

3- /data/system/userbehavior.db -- This looked to hold the IP address where the data is sent. They discovered two IP addresses in their phone going to Amazon cloud services.

4- /data/system/dropbox -- TrevE writes, "Now this is interesting, there were over 500 files in this directory. When we deleted everything in this folder and opened market, logcat reported errors looking for these files. Why is the market looking for these files on start?"

Do HTC users have the right to complain -- or even opt out of this snooping behavior? Apparently, not if the HTC license agreement is to be believed, points out Chris Chavez, on the Phandroid site.

He notes that users apparently are required to agree. Look at Settings > About Phone > Legal > HTC Legal and you'll find that HTC tells you it is collecting information. Each device has been allocated with "one or more unique identification numbers," the agreement says, It later adds: "HTC might share non-personal, aggregated information with selected third parties. However such information will not identify you personally." The privacy statement goes on like that for quite a few paragraphs, on the one hand explaining that it is gathering information, and that it reserves the right to share it, but  promising that the data won't be personally identifiable.

Now the good folks at Team Synergy have, of course, managed to kill off the app and remove it from the framework locations and have provided this code on a ROM. Unfortunately, ROM flashing and fiddling with system apps requires root access. And more unfortunately, as soon as you root your phone, the snooping app will know and could tell HTC, voiding your phone warranty.

Via:  InfectedROM
RTietjens 3 years ago

Underhanded spying on customers is not ethical behavior. This changes my attitude towards HTC rather greatly.

CCain 3 years ago

Wow HTC. I wonder what the decision process was for this one.

A: Oh look, our customers love us. How can we change that?

B: Well, the one sure fire way everyone else seems to piss off their customers is by violating their privacy!

A: Fantastic idea, B. Let's include some malware on our phones to kill off as much of that customer good will in one fell swoop as possible!

B: We'll track *everything* our customer does with the phone ... that way they'll have no choice but to hate us!

A: With so many good ideas like that, B, you're bound to get a promotion!

rapid1 3 years ago

ROFL; this is done by all manufacturers I would imagine, it is also not only true about smart phones. Every PC you use sends user data of to someone, somewhere. What do think analyses is you use Google right, heck the iPhone sends in a plethora of information on everything you do as well.

AReid 3 years ago

We shouldn't be surprised by this. One major reason for collecting usage information is to analyse how they can improve upon the services they provide. For example, they see that many users are carrying out the same task repeatedly but access to the task they are carrying out is not as easy as it should be. They change how the task is accessed in their next update and many users are thankful for the update. Don't always assume that companies are using our information for 'evil,' as it's now commonly called. Hell, this website has just collected my facebook information to allow me to post this comment. How do I know what you're using this information for? All companies collect our information now a days and there are a huge number of reasons as to why. Google does it, Facebook does it, Microsoft does it and so do all the other major organisations out there. Besides, if the information they share with third party organisations can't be used to identify you then why should you be worried about it at all? If you don't want your usage collected then stop using mobile phones altogether. Even your mobile service providers track your usage. That's my opinion.

Realneil 3 years ago

I'm not happy with this activity, and or course, will not trade with them because of it either.

Chikkensoop 3 years ago

Don't attempt to wreck a company's reputation until you know the facts... Carrier IQ is something Sprint put on their phones and it isn't found on any phones (HTC or otherwise) outside their network. You want to be pissed? Be pissed at Sprint.

AKwyn 3 years ago

[quote user="Chikkensoop"]Carrier IQ is something Sprint put on their phones and it isn't found on any phones (HTC or otherwise) outside their network. You want to be pissed? Be pissed at Sprint.[/quote]

Good reveal new user.

Also we should be pissed at everybody. I mean they're tightening down their belts on tracking and information collecting right; why should we be pissed off at one company?

stinkymeat 3 years ago

Also we should be pissed at everybody. I mean they're tightening down their belts on tracking and information collecting right; why should we be pissed off at one company?

TaylorKarras is right about Chikkensoop being right.

Seriously, though. It is important that this information stays anonymous. The moment that it could cause a breach of privacy, location and/or finances if it fell into the wrong hands is time for the companies to re-think their policies. It would behoove all companies to make sure this information is not on their system. Sony learned that earlier this summer.

If the information can be used by hackers or even law enforcement, it shouldn't be collected.

They're having such a hard time with Apple right now, why are they trying to be like the enemy?

realneil 3 years ago

Now that we know that CarrierIQ is all over the place and on MOST Smart Phones that are sold in America,.......

Sorry Chikkensoop, you were wrong about this BS.

Here is a link to a site that has a way for you to delete it.

Chikkensoop 3 years ago

info on carrier IQ

Post a Comment
or Register to comment