Trevor Eckhart who found out about CarrierIQ posted this video showing how the app registers information in realtime, such as keystrokes or SMS messages even before the user sees them.

Wired has a nice writeup on what has transpired up until now.

There is also the training video collection by the company on how their software works mentioned in the EFF's response to the cease and desist letter. Apparently these videos were available from the CarrierIQ website but have since been taken offline.

It seems to be a somewhat local thing though, from what I've seen only some US operators were involved in adding the software, which would explain the lack of mainstream media coverage.

In any case, anyone thinking about donating to charity this Christmas, why not consider the Electronic Frontier Foundation?

"I really need to get around to packaging that up and stick it in the repos for the few people who'd want it. "
-> any bits help, count me in as "one of the few" interested.

Right now the easiest way for me to see what my N900 / N9 is up to is to check the real time logs on my router via the computer monitor.

I was checking the N9 default traffic before I was even inserting any data and could not see any suspicious connections, not even something like N900 connecting to IBM Notes server by default.

But who will tell the loging packages do not sneak out with check for OS updates, knowing manufacturers like HTC are clearly involved?
Is that why *they* need us to walk around with those dual cores, to compress and encrypt their future login packages in real time? To allow them to monitor more? Even sound and video?

Why a user friendly firewall does not exist on Maemo?

Jailbroken iPhone users get to enjoy Firewall IP that will alert you for outgoing connections, Android users at least got DroidWall (ip tables configuration front end) and can start to work with a clean white list.

Sadly even intelligent iPhone/iPad users don't seem to install Firewall IP by default. Well they are getting what they deserve then?

Holy ****!

Well, whatever kind of *software* firewall you run can be disabled (or configured) by any program running with euid = 0. I assume a decent manufacturer would let their rootkit run as root , so no firewall will protect you from that.

Look at Windows. It has a good firewall, but basically any program can open whatever ports it needs, without asking you. In Linux this is not common, but perfectly doable.

I guess you could block all outgoing ports using iptables and then check from time to time if anything has messed with your rules.

Plus if the rootkit runs in the kernel it can easily bypass the firewall. Same as decent rootkits running on Windows.

http://www.theverge.com/2011/12/1/26...sed-carrier-iq

It looks like Nokia has come out and said that they do not install it on their phones. The one thing they can't speak to is if a carrier adds this after the fact.

I tried snooping around last night. I didn't see anything peculiar running in the kernel, but then again if this thing is running as root it could easily hide itself. I also didn't see anything funny on my router.

I think N9s purchased unlocked are clear. The only other thing I could think of using to analyze this would be wireshark.

I also connected my N8 and looked into its traffic via my router. I didn't see anything there, but then again I am running a custom firmware on it.

I am still looking for some list of programs that are installed on a new N900 with some checksums (md5) so that I can see which applications have changed.

I'm not sure storing customer information would be legal in the EU, so as the N900 has a global firmware, I highly doubt there is anything in it. Might be the case for the non EU N9, but doubtfull as well.

"“Our technology is not real time,” he said at the time. "It's not constantly reporting back. It's gathering information up and is usually transmitted in small doses.”"
http://www.theregister.co.uk/2011/11...ne_spying_app/

That supports my suspicion that they send this in small portions when other applications do their sending.
You won't recognize that unless you keep certain tools running to watch your network.

"and smartphones from Nokia contain the same snooping software, he claims."
Which other Nokia smartphones are there currently except
N9* ?

If I was trying to hide some spyware activity, that's exactly what I would do - try and hide it amongst normal activity.

That's why original finder used sniffer to reveal it. Maybe it's time for porting properly, fully functional wireshark for N900? I know it can be achieved now, but AFAIk it's not full-featured, and require PITA amount of work to set it up.

/Estel