I’ve been hearing about Carrier IQ everywhere the past couple of days, and rightly so. If what folks are saying is true, the carriers or handset manufacturers have been snooping on everything users have been doing on their phone. Carriers actually already know everything that’s done over their network, but Carrier IQ appears to log everything that’s done off their network and any key presses as well. So in theory all passwords used to access anything on the phone is logged and sent to whoever Carrier IQ is set to phone home to. It’s like having someone looking at the keyboard as you type in your bank password, it’s a very serious breach of security and trust.
It’s still a developing story, but several manufacturers have released statements that they do not include the Carrier IQ software with their phones. And HTC (whose phone was demoed in a video that the Carrier IQ software tracks more than they claim) have gone as far as to say that it’s the carrier’s fault since they require Carrier IQ to be installed on all phones running on their network. Without naming any names, of course.