The Rootkit Of All Evil – CIQ

Ah, and just as I read this, I find that cyanogenmod for the galaxy s has recently become stable. I now have a hot date with an exploitable bootloader.<p>I've been running some sort of dodgy leaked nightly build from samsung that doesn't have any carrier shite on it since I got the thing, so maybe it hasn't been there all along. Either way it's high time for some new firmware.<p>As others have said here, you can remove this stuff all you want, all you're doing is shutting off the simplistic application layer backdoors. There is absolutely nothing you can do about the backdoors built into the baseband firmware itself, which is what law enforcement agencies use.<p>Well, absolutely nothing except flashing your own open source baseband firmware from the fine folks at the OsmocomBB project. Unfortunately that project only targets a very small set of simple featurephones, which won't do much to excite HN types. What may whet your appetite however, is the possibility to inject arbitrary packets straight into the GSM network! The possibilites for fun, learning, and prison time are endless.<p><a href="http://bb.osmocom.org/trac/" rel="nofollow">http://bb.osmocom.org/trac/</a><p><a href="http://www.youtube.com/watch?v=_0LCgxe24Po" rel="nofollow">http://www.youtube.com/watch?v=_0LCgxe24Po</a> [27C3: Running your own GSM stack on a phone]

Where is the proof that this software is installed onto phones other than Android? I would like to know what made them say that it's installed on Nokias for instance...<p>Also, is this something that is US-only?

You Americans need some privacy laws. Badly. (Yes, the EU has issues. But the privacy stuff is a step in the right direction.)

Is CIQ put on phones at the behest of manufacturers or carriers?<p>Is the data sent by CIQ charged to the user?<p>Regardless of the answers, this is bad, bad stuff. Given where we are with something as basic as SOPA, I doubt we'll ever see anything done to protect consumers against this type of privacy invasion.

Yet another reason to never buy a phone from a carrier, or a phone running a proprietary OS.

This is why corporations <i>give</i> smart phones away at no cost. People pay for the phone many times over by giving away most all of their data and privacy to the corporation that gave them the phone. Most people just don't realize this.

I don't see reasons for such dramatic headlines.<p>Isn't this similar to your syslog (on linux atleast)?<p>There is no indication that this logging is being used for anything but debugging purposes in case of failure or crash.