T-Mobile Posts Internal And External Quick Guides For Carrier IQ Information

PhoneDog Media Exclusive
Download iM5, now available in the App Store and Google Play. iM5 is a PhoneDog Media backed Social Platform to inspire real-life action through the crowdsourcing of ideas. See the video

With the Carrier IQ story remaining in the headlines, T-Mobile, like AT&T and Sprint are playing a bit of defense by helping assure customers that this information is only used for information collecting purposes. To help any customers who might continue to have questions about this matter, T-Mobile has posted a short Q & A for front-line employees as well as a quick document on their support forums to help assure concerned customers.

One thing of note here is that T-Mobile will offer an option for business customers and not for consumer accounts. If you have true concerns about Carrier IQ, I’d highly suggest giving a look at the rest of the internal images after the text and seeing exactly what T-Mobile and Carrier IQ are doing with your data.

I’m of two minds here. The first part is that I don’t mind that T-Mobile is capturing performance information, if it’s being used to improve network efficiency, then I’m all for it. The second part of this concerns the capture of all of our keystroke in a syslog…that’s concerning. The idea that carriers might not have known about this is worse because carriers are including applications on smartphones without fully understanding their function and that is cause for concern. Did the carriers not fully test this software being allowing it on their smartphone lineup? If this is an oversight, it should be corrected and immediately as the lawsuits (valid or not) are already beginning.

Give the following intel a read and let us know how you feel.

P.S. Lifehacker.com has a great guide for helping to determine if your smartphone contains the Carrier IQ software.



Tags: , , ,

  • Anonymous

    im really surprised this hasnt blown up on the national news yet.  Im sure the media will have a field day with it.  I have been using ROMs since forever, so its never been on my phone.  I just think carrier I Q has a lot more to answers to give us.

  • http://pernecky.blogspot.com Mike

    I’m with you David.

    I’m fine with collecting basic data to improve network performance…but I’ll be damned if I’m ok with allowing any key logging on my slow as molasses My Touch 3G.

    Give me the power to easily disable key logging immediately, T-Mobile.

    • Anonymous

      You have GOT to replace that thing man.

      • http://pernecky.blogspot.com Mike

        Haha you’re telling me.  It’s a sack of crap!  Come February and I’ll be back in the game.  This reminds me of the old PC days where you had to replace your computer every 2-3 years or be left in the dust. 

        Does this happen to iPhones as well?  The whole “slowing to a crawl after 3 years” thing?

        • Anonymous

          My Fiance went from HTC Mytouch 3G to the 4G to the Sensation and that 3G was a hunk of trash on its last days.  It now lays next to an HTC Touch Pro 2 which turned into a brick within a year.  I’m not taking a dump on HTC buuuuut…

          An I would say no the iPhone does not have this problem.  My co-worker has a 3GS that runs like its supposed to.

        • Spanky

          Don’t know about iPhones, but my 3rd gen. iPod Touch started noticeably lagging after one of the recent software updates.

  • Anonymous

    All the more reason to root your phone and install a new ROM.

  • Wilma Flintstone

    This kind of thing should’ve been released BEFORE this news got into the headlines.  Glad they’re doing something about it now.

    Kind of glad I didn’t jump off the HD2 quite yet now.

    This is going to definitely make ALOT of people Root their devices that normally wouldn’t have.

    The Carrier IQ thing sucks regardless and manufacturer’s AND carriers should’ve notified people of this infringement.

  • Anonymous

    Although T-Mobile does not use the tool for sensitive information, it is still collected by Carrier IQ is it not?

    • Steve

      Yes and it has the potential for T-Mobile to collect that information with out your knowledge. They say they do not do it now but what about in the future. What happens if one of their staff dissects this data gets user name and passwords and decides to sell it or use it for illegal purposes. Are they liable for our losses? So really the answer is they have the potential, they do not do it now but could in the future and you have no control over it. Time to put T-Mobile in a breach of privacy status. We have legal rights and do not have to accept everything these companies force on us. Contracts are a 2 way street not a 1 way as they seem to think.

  • steve

    Business customers can opt-out, but consumers can-not. WTF T-Mobile?!

  • Brian

    I’m fairly confused. Privacy? Maybe I missed something but I can’t think of much that I type into my phone that DOESN’T get sent over the network to t-mobile anyway– with the exception of data over WiFi. 

    Do you really think txts are secure?People are so paranoid, that’s like all of a sudden complaining about Comcast monitoring your data (which they do, that’s how they throttle). It’s not like it’s a bunch of guys sitting in a room getting a few extra faps in every time you sext your girlfriend and NOT send it.

    It probably just appends to a giant statistics database where they can see “oh people who use a phone with a hardware keyboard txt 5% longer sentences than those without.” Useless data to us, but I can imagine it influencing their decision on their next phone hardware.

    I’m mostly annoyed that it’s more bloatware but it takes up < 2MB of storage/ram and is sent every 24 hours so battery and resources aren't much of an issue. It doesn't even count as data usage.

    • Brian

      I think I got a little carried away, sorry. 

      In other words, I agree with you David. :)

      • Wilma Flintstone

        Carrier *Pun* Lol

    • Anonymous

      Yeah, I’m sure the carrier is already capable of seeing most everything I transmit over my phone, they already know contents of text messages, what sites I’m going to, where I’m at, etc.  The real concern is the keylogging ability, as I type a password into an https page, the carrier should not be able to see what my password is.

      • Maschwar77

        And the carrier won’t be able to unless the connection is proxied and the proxy presents the certificate to the HTTPS website.  You would know if the connection is proxied because you would get a certificate warning on many websites.

        • BusinessAsBruisual

          Watch the video the guy did that discovered this CIQ stuff. You’ll see that the software stores unencrypted username and password as it would have been typed in BEFORE https encryption for shipment over the network.

          SOOOOO if THAT data file happens to get shipped back to T-mobile w/o encryption…presto chango we have a breach of personal security and privacy. T-Mob does NOT get to see this information normally.

          Folks gotta remember, these carriers are now handling a whole new level of our tele(data)coms and maybe, just maybe, they aren’t up to the standards necessary to be entrusted to do so.

          Heck, I’d be fine with the NSA tapping my data stream piping through an AT&T interchange before I’d be fine with some desk jockey at a celluar carrier (be that in the US or India ;-) being able to access the same!

        • Frigadroid

          You should be fine with it you have no choice in the matter. How would you like to be on China mobile with a huawi built network? Granted with the level of incompetence displayed at tmobile over the last two years they have lost their greatest assets, great costumer service & the subscribers confidence.

        • Habbit

          Heck, I’d be fine with the NSA tapping my data stream piping through an
          AT&T interchange <—

    • Anonymous

      Did it ever occur to you that the reason all of this context is known would be due to this software? Without it, you think monitoring our every move is that easy?

  • http://twitter.com/TuckerPeterson Tucker A. Peterson

    With the amount of stuff in the news about privacy why would they not just give you a f***ing choice to opt in or out?

    • Anonymous

      That’s exactly why this company is controversial.. They didn’t allow to opt out..

      • http://twitter.com/TuckerPeterson Tucker A. Peterson

        I know.  I should have worded it different.  It’s like politicians, celebrities etc who do the same dumb shit people before them did.  The news is a great guide to what people and companies should not do.

  • Guest34334

    This is gonna make for some fun calls when I get in to work today….sad thing is.. i’m just as pissed about the whole ordeal…too bad I can’t tell these customers what I really think!

  • Anonymous

    When i first got my GSII, first thing i did was root it, flash a custom rom, and surprisingly no CIQ even the rom is developed b4 this whole CIQ shxtstorm.

  • suddenly

    It should not be on the phone period, it should definitely not broadcast the data doing so just increases the risk of the data being captured.  If they want to hold the data on the phone and collect it later for debugging that’s fine, so long as they get my permission first.
    Since when has support staff at a mobile company ever told you that they are accessing your phone to determine the cause of your problem, like never!    
    The reasons they are giving for this being on our machines is damage control, they never use it.  
    I once had support tell me that the tower in my location was operating fine and so they could not determine the reason for my dropped calls, end of story.It needs to be removed.

    • Maschwar77

      Absolutely!  It is spyware.  I want to be asked first for permission.  Chances are, I will probably grant permission if nothing personal is being stored.

    • Yawny

      Yeah, exactly. 

      Meanwhile, try asking T-Mobile to help track down your stolen phone (or to otherwise hand information over to law enforcement so they can) and all you get is “sorry, we can’t do that, don’t have that information, you should have bought the insurance” (in other words, we look forward to selling you another phone and at the same time supporting the underground trafficing of stolen phones).

      • Wireless_oneder

        In my town, even if you know the location of the stolen phone (using latitude) they would only fill out a police report.  They would not investigate or attempt recovery of the device. They told me to file an insurance claim. My $500 phone wasn’t an important enough a crime. At least they didn’t pepper spray me for hassling them.

  • Lawrence of Arabia

    This is why I don’t buy Tmo branded devices.
    1st The tmo logo looks ugly in the front glass.
    2nd Bloatware
    3rd Now CIQ !.

    • Anonymous

      You’re stupid. #1 isn’t a reason not to buy their service. I bet they don’t like your face either. #2… All providers have bloatware… Use a custom ROM. #3 unless you are a Verizon customer, like me, you are subject to CIQ.

      Also… Logo impression is your #1 concern? Yikes…

      You are just a troll, whining on the comments.

      • Lawrence of Arabia

        1. I don’t want to be looking at a huge t-mobile logo for 2 years, like the one in the HD2 or SGS2.

        2,3. I have a Nexus S. wich doesn’t have CIQ or bloatware.

      • Anonymous

        You’re stupid because it was never said that their service wasn’t bought but it was said that their devices weren’t. You’re answer to #2 is not a solution – using unbranded devices is the best and easiest way to stay clear of CARRIER bloatware. Why use a custom ROM and void your warranty if you can avoid the bloatware. The only bloatware you have to deal with in a situation like that is what the manufacturer puts on if there’s a custom UI. The troll is none other than you.

      • Lawrence of Arabia

        BTW reason 1, have u seen an iPhone with carrier logos? No, Apple knows it looks ugly and they don’t allow the carriers to put it.
        Enjoy your ugly verizon logo and unknown tracking software used by big red fool.

  • Toomyfriends

    I want too flash my phone before it is to late

  • ItsMichaelNotMike

    LOL… I don’t think T-Mobile will be hiring David to do its explanation or write-ups. Unless T-Mobile did in fact mean to say what David says in here:

    “T-Mobile, like AT&T and Sprint are (sic) playing a bit of defense by helping assure customers that this information is only used for information collecting purposes.”

    Unless, of course, I don’t understand what “information collecting purposes” means. To be sure, I don’t want a carrier collecting information from my phone.

  • Guest2121

    Too bad its being blown out of the water for no reason, T-mobile is not collecting key stores of anyone’s phone. Think what you want

    • Trjcasper

      Computerworld reported that Nielsen (TV ratings people) is also a customer of Carrier IQ. I don’t expect Nielsen to be interested in why my call dropped or other diagnostic information. They probably have a completely different data set they want to augment their stats used for marketing. Even if Tmobile’s terms and conditions covered this software being on the phones as being a fair use, who agreed to our phones snooping on us for Nielsen? 

    • Jc

      http://money.cnn.com/2011/12/02/technology/carrier_iq/index.htm?source=cnn_bin

      Apparently CIQ had “no idea” they were collecting keystrokes.  Incompetent or lying?  

      • XgamerM

        The video doesn’t show CiQ logs…it shows the OS log, CiQ seems to have been saying they were surprised to see the OS log have such sensitive information in it…that video shows an device OEM (HTC) issue, not a CiQ issue.

        • Jc

          Except, ya know, all of the keystrokes are logged with CiQ debug information… com.carrieriq  

          It may well be HTC’s fault, but wouldn’t CIQ have checked to see where their logging information was going?  I mean, they *are* responding to keystroke events, and they *are* writing it out to syslog.  That’s not in dispute here.

      • XgamerM

        [On a CNN.com article quoting him saying he was "surprised" by
        data logging] “I think my comments were misconstrued. I said that
        there is an
        Android system debug log in the phone (not related to CIQ)
        which generates log messages of what is happening in the device and it
        was this information that the security consultants were able to view.
        FYI this debug log viewer is called logcat.”

  • Tuliom Mesa

    market(dot)android(dot)com/details?id=org(dot)projectvoodoo.simplecarrieriqdetector

    Replace dot with a .
    This one detects if you have carrier IQ on your phone.

  • James

    I’m just curious how much data is used by this and I’m sure it goes against our data high speed caps.

  • Anonymous

    Am I the only one who is not too concerned about this? Do you realize how many apps, websites, programs (on computers as well as on your phones) collect information that is sensitive? Lifehacker also had another post about CIQ today that reminds you that Foursquare, for example, collects your phone number, phone ID, location, age, gender, contacts, and of course your Foursquare user name and password.

    While I understand that many of us would like the ability to turn off certain aspects (or all of) CIQ or similar programs, they are not nearly as malicious as everyone is making them out to be. Within T-Mobile’s service agreement it states: T-Mobile may retain, use, and share information collected when you
    download, use, or install some Content & Apps, may update your
    Content & Apps remotely, or may disable or remove any Content &
    Apps at any time.

    Additionally the privacy statement that they use information for (among other things) creating and improving products and services. HTC, for example, allows you to optionally send device information to their servers in the event of an unexpected error or restart occurring. They do this so that they can put out a patch that can fix those issues in the future. Is it optional? Yes. However, the data is already logged on the phone, all you’re doing is allowing it to be sent for troubleshooting purposes when you select that option.

    Think about it like this, every smart phone, computer, etc, is constantly creating logs of events in the background. That is not the issue here. The issue that people are afraid of is that their keystrokes and every other event is being sent to someone and that the information can be used to identify them, their passwords, phone number, location, etc. Many apps send coarse location and other info out, but many times it is anonymous and only exists to target ads to your country/language, or obviously your location for maps or check-in type apps like Foursquare.

    The real issue that many people have is that they were unaware this was all being logged and that it is installed by the carriers themselves, as pure AOSP builds do not have the CIQ in them. There are many other apps that collect similar data and no one is taking issue with them. The only thing some people are asking for is a way to turn off the logging easily, with just one click/swipe. Basically what I’m saying is, don’t fall for the FUD this is creating.

    The Lifehacker post I’m referring to is here- http://lifehacker.com/5864518/is-my-phone-spying-on-me-and-what-can-i-do-about-it?tag=ask-lifehacker

    • Anonymous

      “…Lifehacker also had another post about CIQ today that reminds you that Foursquare, for example, collects your phone number, phone ID, location, age, gender, contacts, and of course your Foursquare user name and password.”

      And that, is precisely why I don’t use those sorts of services. 

      The question isn’t whether I have anything to hide. The question is whether a company (or companies) that ostensibly provides me with only those services which I’ve requested, paid for, or consented to, are entitled to collect information about me without my knowledge. I don’t care what they are using the information for, the fact is that it’s none of their business and their denials ring hollow. 

      Either ways, this made up my mind. We’re switching to Verizon. Bye bye T-Mobile. It’s been a fun ride, but there seem to be more lows than highs these days, and you’ve got boundary issues and frankly, I think we’re done.

      • Tuliom Mesa

        umn Verizon also has CIQ just saying.

        • http://tmonews.com David

          Actually, Verizon has been adamant about them NOT having CIQ. One of their communications folks has been a hurricane on Twitter stating unequivocally that Verizon does NOT have CIQ.

        • Anonymous

          Although they technically didn’t say they weren’t using a software like CIQ.

  • TMOsince2003

    It’s not on my phone but it’s on the one I want to buy. What really pisses me off is that all of the carriers INCLUDING TMO just decided to hide the software and disable consumer access to the off switch. Arrogant jerks.

    • TMOsince2003

      If you read the internal screens, they will allow business account to turn it off.

  • http://ronscoupons.com/supplementstogo-coupons/ Ron

    Seems like all carriers and manufacturers are trying to cover their butts now.

  • Guest

    pes·si·mism   [pes-uh-miz-uhm]  Show IPA
    noun1.the tendency to see, anticipate, or emphasize only bad orundesirable outcomes, results, conditions, problems, etc.:

  • http://pulse.yahoo.com/_D2IXQBNV6AFXKA653G5R5CX5ZQ Donot

    I knew opting out of T-mobiles arbitration agreement was advantageous. I even gave T-mobile the opportunity to allow me to cancel my contract, with no early termination fee. Well, I guess T-mobile enjoys being sued.

    Small claims court; Use it people!