Your Android Phone May Be Secretly Recording Everything You Do

If you have any decently modern Android phone, it's possible that everything you do is being recorded by hidden software lurking inside. It even circumvents web encryption and grabs everything -- including your passwords and Google queries.

Worse: it's the handset manufacturers and the carriers who -- in the name of "making your user experience better" -- install this software without any way for you to opt out. This video, recorded by 25-year-old Android developer Trevor Eckhart, shows how it works. This is bad. Really bad.

Giz AU editor's note: We're not sure how broadly this affects Australian phones just yet. We'll update this post when we find out more.

The spying software is developed by a company called Carrier IQ. In their site, the company says they are "the only embedded analytics company to support millions of devices simultaneously, we give Wireless Carriers and Handset Manufacturers unprecedented insight into their customers' mobile experience."

It seems like a good goal and, indeed, most manufacturers and carriers agree: according to Eckhart, the spyware is included in most Android phones out there. Carrier IQ software is also included in Blackberry and Nokia smartphones, so it probably works exactly the same in those smartphones as well. It doesn't even matter if your telephone was purchased free of carrier contracts. As Eckhart shows in this video, it's always there.

The problem is that it does a lot more than log anonymous generic data. It grabs everything.

How does it work?

Carrier IQ's software is installed in your phone at the deepest level. You don't know it's there. You are never warned this is happening. You can't opt in and you certainly can't opt out.

The commercial spyware sits between the user and the applications in the phone, so no matter how secure and private your apps are, the spyware intercepts anything you do. From your location to your web browsing addresses and passwords to the content of your text messages.

This even happens using a private Wi-Fi connection instead of the carrier 3G or 4G connection.

The company denied all this in a public statement (PDF):

While we look at many aspects of a device's performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools

But the video clearly demonstrates that this is not true: Keystrokes submit unique key codes to Carrier IQ. Even secure connections are intercepted by the spyware, allowing it to record your moves in the open. These connections to the web are encrypted, but since Carrier IQ's spyware sits between the browser and the user, it grabs it and sends it in plain text.

The spyware can even log your location, even if the user declines to allow an app to know where it is. The hidden Carrier IQ app ignores your desires, intercepts the data and gets your location anyway.

What can you do to avoid it?

Unfortunately, not much. The hidden spyware is always running, and there's no option in any of the menus to deactivate it. Unless you're a grade-A blackbelt hacker, you're out of luck. Even Eckhart, who is a developer, finds it difficult to remove:

Why is this not opt-in and why is it so hard to fully remove?

It's an excellent question. One that urgently needs an answer, from Carrier IQ but especially from every handset manufacturer and carrier involved in this situation.

The solution to this problem is not installing a custom ROM. That's something that shouldn't be required from consumers, something that normal people will not be willing to do. Products must respect privacy rights out of the box. Consumers must be informed about this the moment they turn on their phones in a clear way. They should have the possibility to opt in and opt out whenever they want, with a single click. This matter should be solved now by Carrier IQ, the handset manufacturer and the carriers.

If it isn't solved as soon as possible, authorities should nail them with everything they have. If you want to remove Carrier IQ from your phone, head over to Lifehacker for all the details. [Twitter, Android Security Test, EFF and Carrier IQ via Threat Level]



    So what I took from this is that a custom ROM might stop this from being a problem? Correct me if I'm wrong. CM 7 is looking more appealing....

    If it is happening on my phone I have no choice but to turn to the law. I never agreed to that or wanted it as a gross invasion of privacy the companies involved should have all profits from smartphones added to an arleady massive fine.

    This software isn';t installed on my htc phone but that's probably because it wasn't included in the hacked rom I'm using from xda-developers.

    It's a bit misleading to say "Carrier IQ’s software is installed in your phone at the deepest level" - it's just an app and a service like many others. It's not hidden.

    Having said that, it certainly is monitoring every keystroke but it's unknown what it does with that information. Since the code is linked into the keypress interrupts on the device, it isn't actually maliciously bypassing phone security for things like https connections. Yes, it's logging your keystrokes and thus can record your SMS and browser history, but it's not actually recording what's being received.
    The point of the software appears to be to record every action done so that there's a history available to help facilitate diagnostics.

    That this same ability would also allow it to transmit private information and consume a user's data allowance without the user's knowledge or permission is really the core of the matter. Whether there's malicious intent is purely speculation, but of course that adds to the drama that people love.

      Just to point out, the code is cooked into every single sense and touchwiz rom, from the kernel up, so its not just an app and service, its a far more profound problem than you could have imagined. Not even custom sense and TW roms are safe, only ASOP and CM are.

        Not included in my Samsung Galaxy S II - might be a US thing. Checked my rooted stock-firmware phone. All good :)

    I think most of us knew something like this would be happening anyway. Facebook tracks you. Google tracks you. ISPs track you. Movie companies track you. Banks. Governments. Manufacturers....only makes sense. Even your girlfriend prob tracks you now and you dont 'know' it.

      girlfriend? internet? rule 30

    Actually, when you install another input method it actually warns you about this. It's not so secret really.. it's just that people assume that phones are a closed system when they aren't.

    WOW - That's pretty bad! Even worse than the trouble Apple got in when they were found to be recording everybody's locations. I've been using a stock HTC ROM (not Telstras) so hopefully I'm ok?

    Or, since this hasn't been covered by any other reputable gadget blog, I'd just notch this up to Giz US's axe to grind against Android (like that laughable NFC 'dirty secret!' article). Seriously, these headlines are reaching WWII propaganda transparency now.
      The Register covered it in a more handset agnostic way, at the very least in the title. It's probably because the exploit (and it is exploitative) was demonstrated on an Android phone and like a kid with scissors, Gizmodo have let Jesus run with it.

        What? This has made a lot of sites over the last week or two - gizmodo isn't making it up and said spyware/rootkit really is that intrusive.

          Reply intended for parent -.-

          My issue is that no-one made this molehill into a mountain until blogs like Gizmodo took the reins with glee. So far, there is no indication as to the extent of this discovery, what it does, which phones it affects (though now most major platforms including Android, IOS and Blackberry appear guilty), and it's certainly nowhere near as egregious as the iPhone location tracker fiasco, which itself was blown way out of proportion.

          It's sensationalist hogwash because it appeals to populist paranoia rather than reason. The innate human fear of somehow being monitored like a lab rat. It amuses me that Joe Walmarts think they're important enough to be personally tracked by any measurable degree. This is the exact sort of yellow journalism Fox News employs every time they film a segment that drops a poor Orwell reference. It's a sign for us to activate our bullshit deflector shields.

      Steve your bias is showing.. and besides..

      They're still trying to get on the good books with Apple after the iPhone 4 saga.

    I would imagine that Australia's privacy laws would circumvent the legality of them using this in Australian phones... and if they were I reckon a nice little class action would soon put them out of business. Now if the handset manufacturers and telcos knew about it as well... hell that could be one hell of a class action lawsuit.

    Never trust Carrier ROMs :), only use custom ROMs rule number 1 :P

    Stop sensationalising this. IFF this is happening (and it probably is) they are not the first nor the last. It's happening on all your devices, browsers, social sites, search engines. Hell really read the "Privacy and Terms of use" of this page.

      So that justifies it? Wait, let me answer for you: No, it does not.

      Sensationalising? I'm glad I'm now informed as I have a galaxy sII on order. Whilst I expect it - it is unethical and breaches local privacy laws. Thanks Gizmodo. No thanks Jato. By the way is not your post - sensationalist? Perhaps you typed the post on your Android IRONY mobile phone?

    Why is the headline specifically pointing out Android, when the article also mentions other types of phones? If i'm not mistaken, the iPhone also has had tracking and monitoring "issues"? The headline really needs to be rethought.

    Furthermore, before posting to the Australian site, perhaps try to get comment from Australian carriers...

      I would be suprised if Apple let the carriers do this to an iPhone.

        Apple has had their share of controversy on issues like user tracking too.

        Its just a part of a modern marketing based economy... track everyone!

        they would for a slice of that info pie.

        LOL !! recent articles as so in any other tech blog now recognized that iPhone DOES all these tracking every single move you made !

        Surprise ??? really... don't be too naive just because you're in love with your iPhone.

          Ummm, the location tracking data files the iPhone was storing was store locally, not sent to a third party and only used for instant access for apps like maps, Facebook and the like. You can't compare that to this. The recording of keystrokes, sms's,and everything else you do on your phone and uploaded to someone else, is a disgraceful breech of privacy and evil by its nondisclosure. If you choose to ignore this with your blind love of your Android, then you're deluding yourself. But then again, Google are the true evil empire. I hope you didn't type this on your Android as the faceless men now know what you're doing.

      The iPhone tracking issue was location data being stored in an easily readable file on your device and any devices you synced with. This seems a lot more serious.

      "From your location to your web browsing addresses and passwords to the content of your text messages."

      That is much worse.

    Aaaaand this is why carriers don't want you buying WP7 / iPhones.

    They may not be doing much with the data, but the fact that it's sitting there means that it can be exploited and that's not cool. I'm going to have to suck it up and flash a custom ROM soon.. ugh.. what about my angry birds scores? hahah

      App backups include App data so your scores will remain intact when you restore. Just do it, you will not regret it.

    I just check my HTC Incredible S. Its a stock model I bought outright and it doesn't have any of this software on it. It would be interesting to see if the same phone bought though a carrier had it.

      The software is a hidden service (rootkit) which is cooked into all non ASOP roms, so I wouldn't be surprised if you didn't find it, but it is actually there.

    Custom ROMS ftw again. But obviously thats not something the general public would be able to do.

    Wow, that's alarming. To think, I was just about to try get my money back from my new iPhone 4S to buy a Samsung Galaxy S2.

      Hey, how you doin?
      Troll here often?

    *SMACKS CHEEK IN HORROR* - Really???? Say it isnt so! First Apple, and now Android!?!!?!??
    I bet that Windows handsets will be next!!

    .....if its like a computer - then the possibility for risk is higher for this to happen.......

    If such a service was used in NSW it would almost certainly be in breach of the Surveillance Devices Act (S7). I havent checked yet whether this service is installed on my phone yet but I had a look through the terms and conditions on my contract and nothing there would appear to allow the interception of the content of messages or communications. Since I don't recall agreeing to any monitoring by Carrier IQ, if the service is being used it is without my consent and I doubt they have a warrant either.

    I highly doubt this is on Android sold in Australia? Seems more like carriers in USA are the one putting this into their devices.

    ignorance is bliss

    Of course it's opt in, click this link to opt out -

      Cool, how many app stores can I choose from? Can you get it with a keyboard? How much a the batteries when the included one dies? I assume you can just slide the back off just like any standard phone.

        Because physical keyboards on phones are cool!

      Yeah but id rather be tracked than a douchebag.

        Funny. I thought you were both? Yep, I was right. You are. Enjoy your fragmentation, malware and now a dose of spyware tracking on the side. Hows that reality distortion field working for you champ? lol

    This is...Quite creepy. This is kind of further than apple took it.

      Actually Apple used Carrier IQ up until iPhone OS 3.1 (Before it was iOS).

        Supposedly it's still in even iOS5, but not normally active and not as information hungry as the android variant (source:

        as David mentioned, it does exist in iOS5 as well. and we do not know just as yet how "hungry" for information in iOS5... it is foolish to think they're not normally active and not as information "hungry".

    Nothing we can do about it? No point stressing then lol

    As much as I hate it, its just too hard to fight it. My watch is probably even tracking my location these days

    This isn't installed on phones sold in Australia apparently. All this hulaballo is about American phones ;)

    This seems a bit of a beat up. You are sending all of this information through the carrier anyway. All those secret google queries, sms and calls are going through your carrier in the first place. If you want anonymity and security better get off the grid.

Join the discussion!