Thursday, December 1, 2011

How to test your Android device for Carrier IQ rootkit

Para leer esto en español, clic aquí.

If you have a rooted Android device then you can check it for the Carrier IQ rootkit right now. Trevor Eckhart, aka, TrevE over at xda-developers, the security researcher who exposed the whole Carrier IQ debacle, posted an .APK you can install yourself to test for logging services like CIQ. Trevor also has a paid ($1) version of the tool that can remove CIQ on certain devices but we can't recommend it after seeing a few reported issues in the related forums.

The Verge ran the test on a Samsung Galaxy S II (GSM) running on the UK carrier Three. It came up clean (see image above), unsurprisingly given the custom Cyanogen ROM that we're using. Dutch site Tweakblogs has readers reporting back their findings and thus far, only a single device, the 7-inch Samsung Galaxy Tab GT-P1000, returned a match for CIQ.

Back in the US, Jeffrey Nelson, of Verizon claims that Carrier IQ is not installed on Verizon phones. We'll be testing that claim soon enough. Meanwhile, let us know how your own testing goes in the comments below.

I tested this APK on my South African Samsung Galaxy SII and apparently doesn't have any CIQ software, I'm using an official ROM from Samsung.

Also, if you like the news you find here, please don't forget to click in the advertisements. :)

Via | The Verge