Carrier IQ Pegs Handset Makers for Insecure Logs
Updated: corrected which carriers use CIQ and which do not.
Carrier IQ insists that its software is secure, and that the only reason insecure user log files are being stored as plain text on devices with Carrier IQ installed is due to modifications made by handset manufacturers. Speaking to The Verge, Carrier IQ's Vice President of Marketing, Andrew Coward, explained that Carrier IQ doesn't have access to the information that's being collected by wireless network operators and handset makers. Carrier IQ created an API that lets handset makers communicate with Carrier IQ's software. The carrier is the party responsible for collecting and storing the user information before it is handed off to Carrier IQ's software. Carrier IQ admitted that it does monitor user behavior and create its own log files, but that these files are encrypted and inaccessible by anyone other than Carrier IQ. The company has come under fire recently for alleged privacy violations on Android and other smartphones. AT&T, Sprint, and T-Mobile admitted that they use Carrier IQ's software for network management purposes, but Verizon Wireless does not.