Page 8 of 10 « First 67 8 910
Reply
Thread Tools
reinob is offline reinob
2011-12-09 , 14:23
Posts: 1,808 | Thanked: 4,272 times | Joined on Feb 2011 @ Germany
#71
Originally Posted by HeadLess View Post
So others easily can check.
There are some n9* users that terminal remains a mystery to them, or do not have enough time to check in all those places.

Besides, if we contain all checks in one place (per platform at least) it will be easy to add more checks later.

If CIQ will be sued into oblivion, there will be others. Propably allready are.
We need a way to keep an eye on them.

What was that apt command to show all fs differences from original installed .deb?
Yup, but what I meant is that "all N900 are created equal" (besides minor differences in regional firmware), and the firmware doesn't contain any IQ related stuff.

The chances that CarrierIQ is present, in some camouflaged form, in extras-devel are close to 0% (hey, I'm sure we got stuff worse than carrierIQ in there! , so we can reasonably assume that CarrierIQ doesn't exist on the N900 (besides, why would such a company "support" Maemo?).

But yeah, if you want to write a script for that, be my guest.
 
reinob is offline reinob
2011-12-09 , 14:24
Posts: 1,808 | Thanked: 4,272 times | Joined on Feb 2011 @ Germany
#72
Originally Posted by HeadLess View Post
What was that apt command to show all fs differences from original installed .deb?
Do you seriously think that any half-assed rootkit would show up as being installed by apt-get? do you think that it would even be installed at all using apt-get or dpkg?

I mean, this is like going to the "add/remove programs" in Windows 95 to remove a virus!
 

The Following User Says Thank You to reinob For This Useful Post:
sulu is offline sulu
2011-12-09 , 14:50
Posts: 915 | Thanked: 3,209 times | Joined on Jan 2011 @ Germany
#73
Originally Posted by reinob View Post
Do you seriously think that any half-assed rootkit would show up as being installed by apt-get? do you think that it would even be installed at all using apt-get or dpkg?

I mean, this is like going to the "add/remove programs" in Windows 95 to remove a virus!
According to this code snippet, which is in the link Headless provided for the Android detector, showing up as a package is exactly what CarrierIQ does:
Code:
    private void findPackages() {

        String[] potentialPackages = {
                "com.carrieriq.iqagent",
                "com.htc.android.iqagent",
                "com.carrieriq.attrom",
                "com.carrieriq.tmobile"
        };
        ArrayList<String> lines = new ArrayList<String>();

        for (String p : potentialPackages) {
            try {
                mContext.getPackageManager().getApplicationInfo(p, 0);
                lines.add(p);
            } catch (NameNotFoundException e) {
                // if an exception is thrown that means the package was not
                // found or registered with Android
            }

        }
        found.put(DetectTest.PACKAGES, lines);
    }
 

The Following User Says Thank You to sulu For This Useful Post:
HeadLess is offline HeadLess
2011-12-09 , 23:41
Posts: 4 | Thanked: 6 times | Joined on Mar 2010
#74
Remember, this is NOT an attack on system - this is (are?) legit apps, blessed by carriers to spy on slaves,er clients.
Those will have certificates and will not hide from root
The worst they can legally (?) do now is encrypting logs and change names.
Anything more, and it can be classified (by court) as rootkit, and Sony lost that.

The verification of md5 sums on standard Debian is:
Code:
sudo debsums -c
Since v.0.6 apt has SecureApt implemented.
All we need is port of debsums (I dont see it in repos now).
And knowledge how to use it ;P

Maybe aide could be used?
 

The Following 2 Users Say Thank You to HeadLess For This Useful Post:
Niwakame's Avatar
Niwakame is offline Niwakame
2011-12-12 , 20:43
Posts: 120 | Thanked: 126 times | Joined on Nov 2011 @ Germany
#75
Checking for dpkg -l output, ps output and lsmod output should be enough to find something fishy. Wrap that to a nice UI that does string compare and finished.

Nevertheless, you first would need to find a user that actually has carrierIQ on their phone to get the positive list.
__________________
Served 2487 users with Instant Messaging Providers for N9 (~35.45 GB)
 
ekili is offline ekili
2011-12-12 , 21:08
Posts: 2 | Thanked: 2 times | Joined on Dec 2011
#76
Originally Posted by javispedro View Post
The N9 contains lots of proprietary firmware and undocumented devices (such as the baseband), and those have access not only to the main memory, but also to the GPS, the microphone and a handful other "features" that would put your average government tracking device to shame.
Good point! What about skype? I'd like to know how to uninstall it (and Facebook + Google) from my N900 to gain some privacy.
 

The Following User Says Thank You to ekili For This Useful Post:
sulu is offline sulu
2011-12-12 , 21:32
Posts: 915 | Thanked: 3,209 times | Joined on Jan 2011 @ Germany
#77
Originally Posted by ekili View Post
Good point! What about skype? I'd like to know how to uninstall it (and Facebook + Google) from my N900 to gain some privacy.
try this to find any related packages:
Code:
sudo apt-cache search skype
sudo apt-cache search facebook
If you've found them run this:
Code:
sudo apt-get purge SKYPE FACEBOOK
sudo apt-get autoremove
(replace the PLACEHOLDERS with the actual package names you identified with apt-cache)
 
Mike Fila's Avatar
Mike Fila is offline Mike Fila
2011-12-13 , 00:44
Posts: 412 | Thanked: 480 times | Joined on Feb 2011 @ Bronx, NY
#78
I had suspected this was prolly part of calea ...the info from carrier IQ is being used by the FBI

http://www.muckrock.com/news/archive...ment-purposes/

btw calea is the US act I know this has been implemented in England but I dont know the exact name of the program.
__________________
4 way loopable wallpapers
Seamless Backgrounds for 9 Desktops
Black Green Rage Icons
Big Shiny Icons
 

The Following User Says Thank You to Mike Fila For This Useful Post:
IsaacDFP is offline IsaacDFP
2011-12-13 , 16:23
Posts: 435 | Thanked: 197 times | Joined on Feb 2010
#79
CarrierIQ has responded in a statement that it has “never provided any data to the FBI. If approached by a law enforcement agency, we would refer them to the network operators because the diagnostic data collected belongs to them and not Carrier IQ.”
They have also released a PDF apparently giving you more details about what they do.

"By explicitly refusing to answer questions while implying that Carrier IQ can in fact be used as Big Brother spyware, the government just poured gas on the privacy fire Carrier IQ has been desperately trying to put out."
 

The Following User Says Thank You to IsaacDFP For This Useful Post:
Mike Fila's Avatar
Mike Fila is offline Mike Fila
2011-12-13 , 17:04
Posts: 412 | Thanked: 480 times | Joined on Feb 2011 @ Bronx, NY
#80
ah it's a strawman argument ...if you read calea you will see that us carriers are required to be able to give the feds realtime access to their networks ..as we have seen carrier IQ has that ability ...while ciq may not provide that info directly to the feds it's easy to see that it's implementation is more than likely to be able to comply with calea.
__________________
4 way loopable wallpapers
Seamless Backgrounds for 9 Desktops
Black Green Rage Icons
Big Shiny Icons
 

The Following User Says Thank You to Mike Fila For This Useful Post:
Reply
Page 8 of 10 « First 67 8 910

« Previous Thread | Next Thread »
Thread Tools

 
Forum Jump


All times are GMT. The time now is 07:00.

Contact Us - Home - Archive - Top