Your Android Phone Is Secretly Recording Everything You Do.

If you have any decently modern Android phone, everything you do is being recorded by hidden software lurking inside. It even circumvents web encryption and grabs everything—including your passwords and Google queries.

 

Worse: it's the handset manufacturers and the carriers who—in the name of "making your user experience better"—install this software without any way for you to opt-out. This video, recorded by 25-year-old Android developer Trevor Eckhart, shows how it works. This is bad. Really bad.

Update: Nokia wrote to us saying that Carrier IQ's spyware is not included in any of their cellphones.

Fast forward to 9:00 for the damning sequence.

The spying software is developed by a company called Carrier IQ. In their site, the company says they are "the only embedded analytics company to support millions of devices simultaneously, we give Wireless Carriers and Handset Manufacturers unprecedented insight into their customers' mobile experience."

Who has this problem?

 

It seems like a good goal and, indeed, most manufacturers and carriers agree: according to Eckhart, the spyware is included in most Android phones out there.

Eckhart claims that Carrier IQ software is also included in Blackberry and Nokia smartphonestoo. It probably works exactly the same in those smartphones as well. However, there's no proof showing these problems in those phones. There's no mention about Apple's iPhone.

It also doesn't even matter if your telephone was purchased free of carrier contracts. As Eckhart shows in this video, it's always there.

The problem is that it does a lot more than log anonymous generic data. It grabs everything.

How does it work?

 

Carrier IQ's software is installed in your phone at the deepest level. You don't know it's there. You are never warned this is happening. You can't opt-in and you certainly can't opt-out.

The commercial spyware sits between the user and the applications in the phone so, no matter how secure and private your apps are, the spyware intercepts anything you do. From your location to your web browsing addresses and passwords to the content of your text messages.

This even happens using a private Wi-Fi connection instead of the carrier 3G or 4G connection.

The company denied all this in a public statement (PDF):

While we look at many aspects of a device's performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools

But the video clearly demonstrates that this is not true: Keystrokes submit unique key codes to Carrier IQ. Even secure connections are intercepted by the spyware, allowing it to record your moves in the open. These connections to the web are encrypted but, since Carrier IQ's spyware sits between the browser and the user, it grabs it and sends it in plain text.

The spyware can even log your location, even if the user declines to allow an app to know where it is. The hidden Carrier IQ app ignores your desires, intercepts the data and gets your location anyway.

What can you do to avoid it?

 

Unfortunately, not much. The hidden spyware is always running, and there's no option in any of the menus to deactivate it. Unless you're a grade-A blackbelt hacker, you're out of luck. Even Eckhart, who is a developer, finds it difficult to remove:

Why is this not opt-in and why is it so hard to fully remove?

It's an excellent question. One that urgently needs an answer, from Carrier IQ but especially from every handset manufacturer and carrier involved in this situation.

The solution to this problem is not installing a custom ROM. That's something that shouldn't be required from consumers, something that normal people will not be willing to do. Products must respect privacy rights out of the box. Consumers must be informed about this the moment they turn on their phones in a clear way. They should have the possibility to opt-in and opt-out whenever they want, with a single click. This matter should be solved now by Carrier IQ, the handset manufacturer and the carriers.

Fire in the Sky: iPhone Ignites on Australian Flight.

An Apple (Nasdaq: AAPL) iPhone 4 began emitting smoke and appeared to spontaneously combust on a recent Regional Express flight to Sydney, Australia.

The phone was emitting a significant amount of dense smoke, accompanied by a red glow, according to Regional Express.

Standard safety procedures were followed and no one on board was injured. The phone was handed over to the Australian Transport Safety Bureau for further investigation.

No such incident had happened on a Regional Express flight before, a spokesperson for the airline said, and there was nothing otherwise significant or unusual about that flight in particular.

Apple did not respond to our request to comment for this story.

Apple Explosions

It's not the first time an Apple product has apparently spontaneously combusted. Reports of flaming iPods and iPhones burning users or starting small fires have come up in the past, such as a 2009 report from Liverpool, England, where a father claimed his daughter's iPod touch exploded; he was reportedly offered a new one on the condition he sign a confidentiality agreement.

That and other reports, such as an iPhone 3G burning a significant hole through a car sear, have not been confirmed by the company.

In some cases it's been found that other technologies are at fault. For example, in 2010, a user reportedly complained that an iPhone 4 caught fire and burned his hand; it was later concluded that a faulty USB port was to blame.

However, when a mobile gadget does flame up on its own, it's often related in some way to the device's battery.

Apple has in the past recalled its first-generation iPod nanos sold between September 2005 and December 2006 because of the risk of batteries overheating. However, the problem isn't limited to Apple or handheld devices.

"There have been several issues with these batteries in the past, although the vast majority of the problems were with laptop batteries," Bill Morelli, director of mobile technologies and convergence at IMS Research, told MacNewsWorld. "A few years back there were several issues with laptop batteries manufactured by Sony (NYSE: SNE) that were related to problems in the manufacturing and ultimately led to a recall,"

Lithium Lags

Part of the reason mobile device battery safety risks persist is because of the highly complex chemistry needed to develop longer-lasting battery power. While advances in areas such as hardware and integrated systems have made giant leaps over the past decade, lithium ion battery technology is still a relatively recent development.

"Battery science is unfortunately a limited science and does not follow advancements likeMoore's Law with semiconductors," Ben Bajarin, director of Creative Strategies, told MacNewsWorld.

In larger-scale products such as battery-powered automobiles, the limitations pose a much greater challenge. On the consumer device level, though, the safety hazards aren't usually so great that a recall is necessary. In the case of an iPhone or another mobile handset, especially, reports of mobile device flare-ups are relatively few and far between.

"There have been no widespread reports of problems with the iPhone batteries, so I suspect this particular incident is more of an anomaly," said Morelli.

Man builds girlfriend $125 iPad.

We are great supporters of love here at Technically Incorrect.

 

Which is why this tale of amorous electronic ingenuity far beyond using pepper spray on Black Friday, brings us to a state close to stinging tears of wonderment.

The way China Daily hums it, Wei Xinlong, a college student at the Northeast Normal University in Changchun, really wanted to make his girlfriend, Sun Shasha, very happy.

He knew she would love to be in possession of the world's No. 1 passion possession, the iPad. However, he didn't have the money to effect that love. So he set about building an iPad from scratch.

So imagine something that looks a little like this, but thicker and with rhinestones.

(Credit: CC Pedro Eugenio Artunes/Flickr)

 

Like all resourceful students, he took to the Web and learned as much as he could about the way tablets are built.

Then he bought a touch screen and a battery--online, naturally--and set to work. He reportedly cobbled together parts from an old laptop he bought, also online: the motherboard, the display, and the memory, for example. Then he finished it off with some pretty little rhinestones all the way round the outside. (A picture is here.)

"One can read, download, watch movies, play games by just touching the screen," he told China Daily News.

Oddly, though the home-made creation is Windows 7 enabled, it does seem to have an Apple logo on it-- something that might amuse a few lawyers and stimulate a few counterfeiters.

The whole cost of the homemade machine was 800 Yuan, which, at today's inflated prices seems to be $125.

Sun Shasha, for her part, couldn't have been more deliriously happy. She told China Daily News: "This is the best gift I've ever had, and I will keep it forever."

Surely, with so many vast technical brains in the U.S., some dashing gent must have tried to make his lover a personally crafted iPad. 

Or has love lost its creative power over here in the West?

Cell-phone tracking mall operator has second thoughts

It seems that the Cleveland mall operator who last week declared it was tracking mall shoppers in California and Virginia via their cell phones has had a change of, perhaps, heart.

CNN reports that Forest City Commercial Management might have been encouraged to change its mind, heart, and attitude by a phone call from the office of Sen. Charles Schumer (D-NY).

The phone call might have directly relayed the substance of a press conference the senator gave on Sunday.

In it, he suggested that perhaps a more polite way to go about these things was to ask shoppers if they'd like to be part of such tracking, rather than posting small signs that told them the fun had already started.

Shoppers in Temecula, Calif., and Richmond, Va., had already been tracked on Black Friday. ("Oh, look! Mrs. Teagle has jumped on top of Johnny Hegel, trying to be first to the video games!")

However, today Forest City issued a statement that said: "We have temporarily suspended further trial of the technology while we work with the system developer on possible enhancements, and in deference to concerns raised by Senator Schumer."

The only way shoppers on Black Friday could have resisted tracking would have been to turn off their phones. But this would have been entirely inconvenient when so many would have wished to text all their friends to boast about the bargains they'd secured.

For its part, Forest City and the manufacturers, U.K.-based Path Intelligence insist that no personal information--for example, names and phone numbers--is obtained by the sleight of signal.

Indeed, Path Intelligence's fine Web site offers that the company is using this so-called FootPath technology merely to bring "online analytics to the offline world."

The only problem is that not everyone is yet comfortable with online creepiness. If we have to confront it in the physical world too, it just feels, well, double creepy.

Some would see no problem with tracking cell phones. After all, Google maps uses our cell phone location to help us get out of the three-foot lake we have accidentally wandered into after a night celebrating our third round of funding.

However, such tracking of our cell phones actually helps us. The difference with Forest City and Path Intelligence's approach is that they seem merely to be helping themselves.

Originally posted at Technically Incorrect

$4.23 a day: On the timing of a Black Friday iPad 2 purchase

Apple released the first iPad, the 16GB Wi-Fi-only model for $499, on April 4, 2010. The $499 iPad 2 came out 342 days later, on March 11, 2011.

Another way to look at it is that you paid $1.46 a day for the original iPad before it was obsolete.

We lack the proper sample size for true statistical accuracy, but based on the number of days into a new year Apple released its first two iPads, we can take the average of April 4 (92 days in) and March 11 (69 days in), and guess that the iPad 3 will arrive 81 days into 2012. That would be March 22. That would also mean a 377-day life cycle for the iPad 2.

If you agree to play along with that projection, then the $499 iPad 2 comes out to costing $1.33 a day before obsolescence. That's a relative bargain compared with the first iPad.

But what does that mean for the value of an iPad 2 purchased this holiday buying season?

Let's take Black Friday--November 25. There are 118 days between November 25 and our March 22, 2012 guess for the debut of an iPad 3. That translates to $4.23 a day, or more than three times the daily cost of an original iPad during its life cycle as a new product. For an iPad 2 purchased (or opened) on December 25, that's only 88 days until it's out of date, or $5.67 a day.

An old iPad, of course, doesn't shed all of its value once a new model emerges. Amazon currently lists used, original iPads for $320 and used iPad 2s starting at $439. I wouldn't count on the same conditions for the used iPad market this time next year, not least because there will likely be another iPad in the mix to drive prices down. But considering current used prices, as well as the time of year, the timing looks right if you have an iPad to sell.

I don't really suspect anyone will second guess your fiscal wisdom should you purchase them an iPad 2 this holiday. As a matter of fact, my wife and I just bought one (and I don't believe this house I'm now standing in is made of Gorilla Glass).

Still, we all know that Apple likes a steady release pattern. Anomalies do happen, but going by the numbers, history says you should wait until spring to get maximum value for your tabletdollar.

Galaxy Tab ban: 'Not terribly fair to Samsung'

The Samsung Galaxy Tab 10.1

(Credit: Samsung)

Samsung's Galaxy Tab may have suffered an injustice in Australia with the imposition of a ban on sales of the tablet there, at least in the eyes of one appeals court judge.

At a hearing today in Sydney in a patent case pitting Samsung against iPad maker Apple, Federal Court Justice Lindsay Foster questioned an October ruling that quashed Galaxy Tab 10.1 sales. Samsung wants to get that decision overturned to avoid what its lawyer called "dire consequences," according to a report from Bloomberg.

"The result looks terribly fair to Apple and not terribly fair to Samsung," Foster said of the decision to put the ban in place.

A decision could come next week on Samsung's request for the injunction to be lifted. The injunction was put in place by Federal Court Justice Annabelle Bennett as an intermediary step until a full patent case can be heard sometime next year. Apple reportedly has rejected a settlement offer from Samsung.

Apple is arguing that with the Galaxy Tab 10. 1, Samsung is "blatantly copying" the hardware and software designs of its iPad. It has made a similar charge that Samsung's Galaxy smartphones are too similar to Apple's iPhone. The patent battles between Apple and Samsung extend beyond Australia to other cases in Europe and the U.S.

In a tit-for-tat effort, Samsung wants a court in Australia to impose a ban on sales of the iPhone 4S.

Also in the Galaxy Tab hearing today, Samsung argued that commonalities in tablet design extend to a great many devices, and thus to undermine the rationale for the ban on its tablet.

"Not only are there many [similar] products on the market...and there was evidence before [Bennett] that the other devices had the same functionality as the Samsung tablet," Samsung's representatives told the court today, according to CNET sister site ZDNet Australia. "Evidence of functionality was given...in an affidavit, and [it] examined and depicted by video the functions of a whole range of manufacturers, including Acer, Asus, Pioneer, Samsung, Motorola."

Apple teases its new NYC store--oh, and what's this about 3D iPads?

The teaser signage in front of Apple's new Grand Central store.

Apple took this week off as a company holiday, but that doesn't mean things stood still.

The week kicked off with a rumor that Apple was planning to open up its Grand Central Terminal retail store in New York in time for Black Friday, but that deadline came and passed. Not all was uneventful though--Apple put up a sign confirming that the store was "arriving soon."

The space, which Apple is reportedly paying in excess of $1 million a year to rent, is more than 23,000 square feet and stretches between two balconies. By comparison, Apple's Regent Street store in London is 25,000 square feet, 22,000 square feet of which is accessible to the public.

Some 750,000 visitors transit the station each day--and up to a million a day during the holidays.

As it's done in years past, Apple held its Black Friday sale yesterday, offering discounts on a number of its products. It's one of the only times Apple puts things on sale, short of when a product is replaced.

If retail stores and sales aren't whetting your appetite, we've got a heaping plate of rumors below, including one about an iPad with a 3D display. Before getting too excited, the long and the short of it is that plans for the device were scrapped. More on that, and the rest of this week's happenings below.

Apple Talk Weekly rounds up of some of the top Apple-related news and rumors. It appears every Saturday morning and is curated by CNET's Apple reporter, Josh Lowensohn. The column is taking a brief hiatus while Josh goes on vacation, and will return December 24, 2011.

S3's case against Apple crumbles at ITC
The U.S. International Trade Commission this week said that Apple is not violating patents held by S3 Graphics in its products, and that as a result, it was terminating its investigation on the matter. The decision follows a mixed ruling in July, where an ITC judge found Apple to be infringing on two of S3 Graphics' patents, while not infringing on two others.

Aaron Sorkin says he's "strongly considering" penning screenplay for Jobs movie 
The writer of the Oscar-winning film "The Social Network," and long-running TV series "The West Wing," this week confirmed that he's been pitched on penning a film about late Apple co-founder Steve Jobs. The tidbit follows news from last week about Sony Pictures looking to cast George Clooney as Jobs.

iPhone-related porn domains turned over to Apple 
The iPhone-related domains that led to pornographic Web sites have been turned over to Apple following a complaint by the company with the World Intellectual Property Organization earlier this month. That case was closed after the owner of the domains agreed relinquish them to Apple.

Samsung Captivate Glide thumbs-on review: Keyboard bummer

Credit: Josh Miller

AT&T's Samsung Captivate Glide is one of the carrier's two new Android-toting slider phones (the other is the Samsung DoubleTime.)

The Captivate Glide looks and feels like a member of the Samsung Galaxy S II pack, albeit a lesser model, with slightly more modest specs. There are still 4G speeds to be had with the HSPA+ network, and a dual core processor running the show with Android Gingerbread. However, there are also a couple of design flaws I had a hard time looking past, like the weak link of the keyboard, a bad Achilles heel to have if the keyboard forms your entire sliding form factor.

Still, if flat keys don't bother you as much as they bother me, the $150 purchase point is a fair one and the smartphone definitely delivers. Watch the video, see the photos, and discover more pros and cons in the full Samsung Captivate Glide review.

Google, Facebook, Zynga oppose new SOPA copyright bill

Foes of a controversial copyright measure have gained some high-profile allies: Google, Facebook, Twitter, Zynga, and other Web companies have joined the ranks of the bill's opponents.

They sent a letter (PDF) last night to key members of the U.S. Senate and House of Representatives, saying the Stop Online Piracy Act, or SOPA, "pose[s] a serious risk to our industry's continued track record of innovation and job creation, as well as to our nation's cybersecurity."

House Judiciary Chairman Lamar Smith (R-Texas) has invited five supporters of SOPA to testify tomorrow, but only one opponent.

(Credit: U.S. House of Representatives)

The protest was designed to raise objections in advance of a hearing before the full House Judiciary committee tomorrow at 10 a.m. ET (7 a.m. PT). The letter, also signed by eBay, Mozilla, Yahoo, AOL, and LinkedIn, asks politicians to "consider more targeted ways to combat foreign 'rogue' Web sites."

SOPA, which was introduced last month in the House to the applause of lobbyists for Hollywood and other large content holders, is designed to make allegedly copyright-infringing Web sites, sometimes called "rogue" Web sites, virtually disappear from the Internet.

An announcement of tomorrow's hearing leaves little doubt about where House Judiciary Chairman Lamar Smith, a Texas Republican, stands. It says SOPA reflects a bipartisan "commitment toward ensuring that law enforcement and job creators have the necessary tools to protect American intellectual property from counterfeiting and piracy."

Not only is Smith SOPA's primary House sponsor, but opponents are outgunned in both congressional chambers. SOPA's backers include the Republican or Democratic heads of all the relevant House and Senate committees, and groups as varied as the Teamsters and the AFL-CIO have embraced it on the theory that it will protect and create U.S. jobs.

Smith pointedly declined to invite any civil-liberties groups that have criticized SOPA, such as the Electronic Frontier Foundation, to testify before his committee tomorrow. The Motion Picture Association of America did get an invitation, however, as did the AFL-CIO and Pfizer.

Google will be the only dissenting voice, a tactic that may allow SOPA's supporters to characterize corporate opposition as limited, especially because the Mountain View, Calif., company has been enmeshed in so many copyright battles of its own. The Web companies' letter will let Katherine Oyama, Google's policy counsel, demonstrate that opposition is broader than one firm.

In addition, opponents were scheduled to hold a press briefing this morning inside the Capitol Visitors Center complex. They had invited Rep. Zoe Lofgren (D-Calif.) and Darrell Issa (R-Calif.) to speak.

SOPA is so controversial--EFF calls it "disastrous"--because it would force changes to theDomain Name System and effectively create a blacklist of Internet domains suspected of intellectual-property violations.

A Senate version of the bill called the Protect IP Act, which a committee approved in May, was broadly supported by film and music industry companies. But Google Chairman Eric Schmidtwas sharply critical, as were prominent venture capitalists, civil-liberties groups, and trade associations representing Web companies.

Even pop star Justin Bieber has weighed in.

In a recent radio interview designed to promote his Christmas album, Bieber said, referring to Sen. Amy Klobuchar (D-Minn.), who sponsored the Senate version: "Whomever she is, she needs to know that I'm saying she needs to be locked up, put away in cuffs... I just think that's ridiculous."

Update, 10:30 a.m. PT: Members of Congress opposed to SOPA have circulated their own letter (PDF), which was signed by Zoe Lofgren and Anna Eshoo, both California Democrats, and Ron Paul, the Republican presidential candidate from Texas, among others. They say SOPA will invite "an explosion of innovation-killing lawsuits and litigation." Lofgren (see CNET's previous report) has been critical of MPAA-backed copyright bills before.

Update, 1:40 p.m. PT: The we-hate-SOPA letters keep flooding in. A few dozen civil-liberties and left-leaning advocacy groups from around the globe now are circulating their own letter (PDF), which says that "through SOPA, the United States is attempting to dominate a shared global resource." Signers include Bits of Freedom in the Netherlands, the Electronic Frontier Finland, Reporters Without Borders, and, in the United States, Free Press and Computer Professionals for Social Responsibility. Notably absent are the two biggest such advocacy groups: Human Rights Watch and Amnesty International.

And another! This letter (PDF) is from a slew of law professors, including Stanford's Mark Lemley, Elon's David Levine, Temple's David Post, and UCLA's Eugene Volokh. They seem even more generous in their criticism than the other letters, warning that SOPA "has grave constitutional infirmities, potentially dangerous consequences for the stability and security of the Internet's addressing system, and will undermine United States foreign policy and strong support of free expression on the Internet around the world."

Originally posted at Privacy Inc.