Recently uncovered at XDA-Developers is the true purpose of CarrierAgent IQ. I noticed it on my Samsung phones, as well as a version on my HTC Evo. I've always wondered what it is, what it does, and why it's there. Well k0nane over at XDA has an explanation.
Put simply - and bluntly - Carrier IQ is a software package buried deep within Android by Samsung at the behest of Sprint. It has been in active use since the time of the Moment, if not before. The company that develops it, also known as Carrier IQ, bills it as "Mobile Service Intelligence". In their own words,
[T]he combination of the MSIP and IQ Insight lets you move seamlessly from broad trend data across many users, through comparative groups down to diagnostic data from individual devices. Now, not only can you identify trends, you have the power to drill down to specific instances, giving you the insight your specialists need to make a difference.On its own, that description can vary from harmless, to worrying, depending on how you look at it. It's not until one drills deep down into the system and ferrets out every piece of the software that one truly knows what it contains. As some of you might remember, ACS took the first steps toward disabling the Carrier IQ software with the release of SyndicateROM and Xtreme Kernel 1.0. That, however, didn't even scratch the surface.
Carrier IQ's native libraries are plainly visible - libiq_client.so and libiq_service.so in /system/lib. During every boot, this service is launched - you can see it in Settings > Applications > Running Services as "IQAgent Service". These native libraries are called by non-native (Android application) libraries located in ext.jar (the client) and framework.jar (the service). Removal of these (rather obviously-named) libraries alone, be it the .so files or the libraries in framework or ext, will, obviously, break boot. So I - k0nane - had to dig deeper. To make a long story short, reference to the IQ Service and IQ Client were littered across the deepest portions of the framework, and some of the most basic functions of the Android system as we know it.
Carrier IQ as a platform is designed to collect "metrics" at any scale. What I found it to hook into is far beyond the scope of anything a carrier needs - or should want - to be collecting. Carrier IQ sits in the middle of, and "checks" the data of, SMS and MMS messages. It listens for and receives every battery change notifications. It hooks into every web page you view, and every XML file your device reads. It receives every press of the touch screen. It 'sees' what you type on the physical keyboard. It reads every number you press in the dialer. It can track which applications you use, what 'type' they are, how often, and for how long. It hooks into data sent and received.
I, and the rest of ACS, ask Samsung and Sprint - why do you want this information? Why do you need it? Why is the capability in place?
The only saving grace - if there is one - to this nasty, ten-legged mutant spider is that its logs are off by default. During the investigation process, I was able to enter its UI. Below are two screenshots of it.
That being said, the question still must be asked - why is the service even running? Why does Sprint and Samsung feel the need to leave a dormant monster in every one of its most loyal customers' phones?
Here's the most important part (tl;dr): the Carrier IQ service is a drain on battery life and performance. ACS noticed a significant rise in Smartbench scores and overall system 'snappiness' after Carrier IQ's removal. In addition, with it removed, ACS team lead rjmjr69 saw 30 hours of battery life, with heavy use, on the stock battery.
Downright scary. I am currently looking at any legal recourse we can take if any. Please leave a comment below or at this thread:
IQAgent Discussion Thread
I am currently investigating this as we speak, and I literally rushed this post out as quickly as possible. Stay tuned for more info.
UPDATE 3/6 12:56PM: I've e-mailed dan@sprint.com for an explanation. Let's see what they have to say.
Good job, Wonderfull keep sharing Awesome post
ReplyDeleteLearn More