The response they received was a little chilling; The FBI does have relevant documents and materials, but they are exempt from FOIA request because they are protected by a provision that prevents materials from being released if they might affect and ongoing investigation. This would seem to indicate that the FBI has at least one investigation that is using data (live or logged) from the CarrierIQ application.
Now, before you get too excited and begin to speculate about Keylogging and other things it is important to remember that CarrierIQ has already admitted that it can log phone numbers as they are dialed and can also track the locations the calls are made from. The investigative uses that the FBI is putting this to could be as simple as cataloging the numbers dialed from a suspect’s phone and where they are calling from. Or to plot their movements based on the “check-in” locations.
To track you as you move with your phone does not require CarrierIQ as every phone leaves traces as it talks to the towers. These traces are unique identifiers (to prevent rouge access) and can be used to track a phone as it moves from cell to cell. Still the fact that the FBI (or any other agency) can collect your call data is disturbing and would seem to definitely an invasion of privacy on some level.
CarrierIQ and the providers that are utilizing its information could very well be found in violation of US wiretap laws in the end. Of course their argument will be that they can already get those numbers from their exchange and if needed link the call times to locations based on tower check-ins. CarrierIQ just gives them much more accurate location information so the outcome of any litigation is unlikely to impact them legally. It will impact them in consumer confidence and trust (which is already minimal).
Source MuckRock
Discuss this in our Forum
Wednesday, 14 December 2011 07:08
Nope, we are not done with CarrierIQ just yet...
Written by Sean KalinichReading time is around minutes.
Just when you thought it was safe to dial your mobile phone again. At the height of the CarrierIQ debacle a FOIA (Freedom of Information Act) request was put in to the FBI by the Blog MuckRock asking for “Manuals, documents or other written guidance used to access or analyze data gathered by programs developed by CarrierIQ”
Published in
News
Tagged under
Latest from Sean Kalinich
- ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
- Social Manipulation as a Service – When the Bots on Twitter get their Check marks
- To Release or not to Release a PoC or OST That is the Question
- There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
- NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Leave a comment
Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.