CarrierIQ (CIQ) and such "rootkits" on HP Touchpad ?

hptuser · 11/27/2011, 07:59 PM

Has anybody looked to see if the HP Touchpad too has CarrierIQ or such "rootkits" pre-installed ?
The Rootkit Of All Evil – CIQ | xda-developers

BTW, homebrew Impostah seems to make available a lot of system info etc.
How does one make the best use of Impostah ?

Also, is there anti-virus / anti-malware apps available for TP? Thanks.

bluenote · 11/27/2011, 08:02 PM

Shows that "nothing is free", while people think they are getting this free Android software on their phone, no one put to the consumer directly--would you hand over your information in exchange for this (free) software?

Cantaffordit · 11/27/2011, 08:05 PM

no reason to have antivirus software for webOS

nexus14 · 11/27/2011, 08:15 PM

One could argue that HP's overzealous use of system logging is similar to a rootkit

cmcrae1 · 11/29/2011, 08:19 PM

Look at Carrier IQ Info Video - YouTube (@ 1:05 minutes).....would appear that it is on our devices too.

antijingoist · 11/29/2011, 10:16 PM

RT @Korey_Nicholson: @webosinternals @hp @webosdev @verge They are a client yes. I'm the one who conducted the interview with Andrew Coward

bluenote · 10:42 PM

for webOS? Or for their windows tablets?

wow: video shows TouchPad and two phones: Pre3 and Pre2?

And HP technical support still had alot of trouble fixing my TouchPad. The video says the consumer has to opt-in. Where is the opt-in for webOS? Is it in the Palm agreement or the app catalogue agreement?

dignitary · 11/29/2011, 10:48 PM

The consumer "opts in" without ever realizing it because it's generally buried in a contract or agreement in fine print.

p41m3r · 02:39 AM

Quote:

Originally Posted by independent1

The consumer "opts in" without ever realizing it because it's generally buried in a contract or agreement in fine print.

That's right.

3:56 - "...they gain this permission through service agreements..."
4:01 - contains user-identifiable info. Sweet!

Ok, so how do we kill this monster?

Mutoidi · 11/30/2011, 04:51 AM

Quote:

Originally Posted by p41m3r

That's right.

3:56 - "...they gain this permission through service agreements..."
4:01 - contains user-identifiable info. Sweet!

Ok, so how do we kill this monster?

It's dying anyway!
Just be aware of what you 'back-up' and where.. and what Accs. you 'sync' to what other Accs?
Clean out your Log files and frequently reset to 'Min Logging' etc?
Disable your Android 'identifier'?
Empty your Email 'trash' from both client & server?
Opt out of 'Location Services'?

panel · 11/30/2011, 08:45 AM

Sorry I don't understand, is there CIQ logging on webOS or no ? Or nobody knows?

greenskinredeyez · 11/30/2011, 05:39 PM

Why?

So nobody will ever develop virus/malware for webos? How can you be so sure?

Have you ever seen your touchpad displaying this message?
"Touchinput recording, press sym+opt+w to stop"

Quote:

Originally Posted by Cantaffordit

no reason to have antivirus software for webOS

howi · 12:22 PM

Quote:

Originally Posted by bluenote

Shows that "nothing is free", while people think they are getting this free Android software on their phone, no one put to the consumer directly--would you hand over your information in exchange for this (free) software?

bluenote,

You may have missed a few things...

1. Carrier IQ software is not installed by end-users but rather embedded in the various manufacturers firmware specific for the U.S. carriers. Only U.S. carrier subscribers have found to be targeted. Verizon has denied any use of Carrier IQ software.

2. Google has not implemented the Carrier IQ software in the vanilla Android and it has not been the case with those "reference" devices directly partnered with Google e.g. Nexus One, Nexus S, Motorola Xoom, Galaxy Nexus.

3. Carrier IQ references have also been discovered in Apple iOS (verified http://forums.macrumors.com/showthre...1284749&page=2 ), Nokia Symbian (denied http://www.theverge.com/2011/12/1/26...sed-carrier-iq ) and BlackBerry OS (denied http://www.reuters.com/article/2011/...7B01PA20111201 )according to TrevE.

4. There are no up front opt-in / opt-out opportunities, no straight-forward uninstall mechanism is available as described by TrevE and others.

Of course, by offering an opt-out for collecting our usage patterns and data, many will protect the privacy rather.

codecrumb · 12/01/2011, 01:49 AM

I did a quick scan through the webOS tarball for the Pre3 and did not find anything. Just to be sure, I have updated the Max Blocker patch to block any traffic to carrieriq.com

That said, Palm logs an ENORMOUS amount of information which is uploaded to palm.com which is yet another good reason why you should install the following

- Muffle
- EOM

thomaz · 11:53 AM

Millions of Smartphones and Tablets have a Rootkit Spyware Software called CarrierIQ installed.

Of course its a good question if WebOS Devices are also affected.

If yes it would be fantastic if some experienced user can make a patch to eliminate this Spyware.

CarrierIQ | Android Security Test
the site is under heavy load so try again and again and ...

thomaz · 12/01/2011, 12:00 PM

Quote:

Sorry I don't understand, is there CIQ logging on webOS or no ? Or nobody knows?

so where is a CLEAR ANSWER to this question ?

and if yes how can i disable it ?

thomaz · 12/01/2011, 12:24 PM

yeahh but there is no clear answer

bhern · 03:13 PM

There is no carrierIQ in webOS

Rnp · 12/01/2011, 01:43 PM

Quadrant before disable CarrieIQ in one Android here: 3427.
Quadrant after disable CarrieIQ in same Android here: 4593.

Finally, discovered the #*5647# on Androids...

Best Regards...

p41m3r · 12/02/2011, 05:44 AM

Quote:

Originally Posted by thomaz

so where is a CLEAR ANSWER to this question ?

Frustrating! If the answer is no, as Palm stated, then why would Coward misrepresent web OS devices in the video (1:05 - 1:10)?

Quote:

Originally Posted by Rnp

Finally, discovered the #*5647# on Androids...

Thats it? Would something at this (presumably) low level be this easily bypassed?

11/27/2011, 07:59 PM	#1 (permalink)
hptuser Member Join Date: Nov 2011 Posts: 10 Thanks: 0 Thanked 2 Times in 2 Posts	CarrierIQ (CIQ) and such "rootkits" on HP Touchpad ? Has anybody looked to see if the HP Touchpad too has CarrierIQ or such "rootkits" pre-installed ? The Rootkit Of All Evil – CIQ \| xda-developers BTW, homebrew Impostah seems to make available a lot of system info etc. How does one make the best use of Impostah ? Also, is there anti-virus / anti-malware apps available for TP? Thanks.
	Liked by

11/27/2011, 08:02 PM	#2 (permalink)
bluenote Member Join Date: Feb 2008 Posts: 3,043 Thanks: 350 Thanked 565 Times in 345 Posts	Shows that "nothing is free", while people think they are getting this free Android software on their phone, no one put to the consumer directly--would you hand over your information in exchange for this (free) software?
	Liked by

11/27/2011, 08:05 PM	#3 (permalink)
Cantaffordit Moderator Join Date: Jan 2010 Posts: 14,933 Thanks: 3,772 Thanked 3,892 Times in 2,760 Posts	no reason to have antivirus software for webOS
	Liked by

11/27/2011, 08:15 PM	#4 (permalink)
nexus14 Member Join Date: Aug 2011 Posts: 22 Thanks: 6 Thanked 4 Times in 3 Posts	One could argue that HP's overzealous use of system logging is similar to a rootkit
	Liked by spud101, xandros9, tsaunders and 2 others like this. Thanked by Daughain, p41m3r

11/29/2011, 08:19 PM	#5 (permalink)
cmcrae1 Member Join Date: Feb 2010 Posts: 6 Thanks: 3 Thanked 7 Times in 2 Posts	Look at Carrier IQ Info Video - YouTube (@ 1:05 minutes).....would appear that it is on our devices too.
	Liked by tsaunders likes this. Thanked by blackfireball5, p41m3r, somline, tsaunders, xandros9

11/29/2011, 10:16 PM	#6 (permalink)
antijingoist Member Join Date: Jul 2010 Location: North East Posts: 123 Thanks: 27 Thanked 23 Times in 14 Posts	RT @Korey_Nicholson: @webosinternals @hp @webosdev @verge They are a client yes. I'm the one who conducted the interview with Andrew Coward __________________ Apps: Junk Silver, Junk Exchange Projects: Distress Signal
	Liked by

11/29/2011, 10:32 PM	#7 (permalink)
bluenote Member Join Date: Feb 2008 Posts: 3,043 Thanks: 350 Thanked 565 Times in 345 Posts	for webOS? Or for their windows tablets? wow: video shows TouchPad and two phones: Pre3 and Pre2? And HP technical support still had alot of trouble fixing my TouchPad. The video says the consumer has to opt-in. Where is the opt-in for webOS? Is it in the Palm agreement or the app catalogue agreement? Last edited by bluenote; 11/29/2011 at 10:42 PM.
	Liked by

11/29/2011, 10:48 PM	#8 (permalink)
dignitary Member Join Date: Jun 2009 Location: London, UK Posts: 477 Thanks: 152 Thanked 150 Times in 110 Posts	The consumer "opts in" without ever realizing it because it's generally buried in a contract or agreement in fine print.
	Liked by

11/30/2011, 08:45 AM	#11 (permalink)
panel Homebrew Developer Join Date: May 2011 Location: Slovakia Posts: 269 Thanks: 27 Thanked 83 Times in 40 Posts	Sorry I don't understand, is there CIQ logging on webOS or no ? Or nobody knows? __________________ If you like my applications (SynoMusic, SynoDM, SynoFM) and want to donate for future upgrades and development
	Liked by

12/01/2011, 01:49 AM	#14 (permalink)
codecrumb Member Join Date: Jul 2010 Posts: 282 Thanks: 26 Thanked 187 Times in 40 Posts	I did a quick scan through the webOS tarball for the Pre3 and did not find anything. Just to be sure, I have updated the Max Blocker patch to block any traffic to carrieriq.com That said, Palm logs an ENORMOUS amount of information which is uploaded to palm.com which is yet another good reason why you should install the following - Muffle - EOM __________________ Follow me on Twitter: http://twitter.com/warthogkernel Experimental warthog kernels for webOS devices. Patches such as Muffle System Logging, Max Blocker etc. Donations go towards further experimentation.
	Liked by

12/01/2011, 11:47 AM	#15 (permalink)
thomaz Member Join Date: Sep 2011 Posts: 107 Thanks: 7 Thanked 7 Times in 2 Posts	Does WebOS have CarrierIQ Rootkit installed ? Millions of Smartphones and Tablets have a Rootkit Spyware Software called CarrierIQ installed. Of course its a good question if WebOS Devices are also affected. If yes it would be fantastic if some experienced user can make a patch to eliminate this Spyware. CarrierIQ \| Android Security Test the site is under heavy load so try again and again and ... Last edited by thomaz; 12/01/2011 at 11:53 AM.
	Liked by

12/01/2011, 12:24 PM	#17 (permalink)
thomaz Member Join Date: Sep 2011 Posts: 107 Thanks: 7 Thanked 7 Times in 2 Posts	yeahh but there is no clear answer
	Liked by

12/01/2011, 01:37 PM	#18 (permalink)
bhern Member Join Date: Jun 2009 Location: Sunnyvale, CA Posts: 1 Thanks: 0 Thanked 1 Time in 1 Post	There is no carrierIQ in webOS Last edited by bhern; 12/01/2011 at 03:13 PM.
	Liked by Thanked By: patapoof

12/01/2011, 01:43 PM	#19 (permalink)
Rnp Member Join Date: Jan 2008 Location: Rio de Janeiro - Brazil (Oh, Yeis!!!) Posts: 672 Thanks: 782 Thanked 38 Times in 32 Posts	Quadrant before disable CarrieIQ in one Android here: 3427. Quadrant after disable CarrieIQ in same Android here: 4593. Finally, discovered the #5647# on Androids... Best Regards... __________________ "Evolution History... Or Not!"* Basic Math: Pre + Pre - Pre 2 ≠ Pre³ :-\ Do You Want A Virtual Drive With 05 GB + 500MB FREE? Click Here And We Earn Together!
	Liked by Thanked By: p41m3r

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode