1. The reference is found in a 2 year old version of iOS.
2. "IQAgent" sounds like things Apple could name, e.g.: I've seen no evidence that this has anything to do with CarrierIQ. There's been no disassembly (unless I missed it) so it quite possibly could simply be the fact that at one point Apple used the two letters "IQ" in an obscure file.
3. People watch the data iPhones transmit pretty closely, I know I have on occasion watched iOS devices talking to the cloud. If "every keystroke, every SMS" were being logged, I'd think people would have more than just a filename to go on.
4. As mentioned it seems this file is not used outside of diagnostic mode, which makes this much ado about nothing at this point.
I think its fine to be suspicious, but these things really should be approached with some objective detachment until actual transmission of user data that shouldn't happen is uncovered.
I don't know how many of the points above apply to the "indications" in android as well, but I think we should have more neutral, unemotional, and detached coverage of it as well.
I think spying on people is bad, and I think that americans are spied on more today than ever before. I think that's also why we have to be really careful about reporting it.
Edit: Deleted a digression that pointed out that the government is including language in recent legislation that allows them to collect data about us that previously would have been illegal. This was a distraction from my main point.
(I wrote that post.) I think that is the case: it is using the same "diagnostics are enabled?" function call that the Crash Report submission is using, and the binary logs "This is not supported hardware, or the user has opted out." and exits if that call doesn't return true.
However, there definitely could be something else going on there: I do not want to rule out any possibilities here, many people are very touchy about privacy issues like this.
You should be careful about how you word things in your posts. You tend to state working observations and theories as conclusions and then the press and armchair security experts take it as fact.
That said, you've done very good work, and made a very valuable contribution to consumers.
>2. "IQAgent" sounds like things Apple could name, e.g.: I've seen no evidence that this has anything to do with CarrierIQ. There's been no disassembly (unless I missed it) so it quite possibly could simply be the fact that at one point Apple used the two letters "IQ" in an obscure file.
The fact that those files contain a reference to http://collector.sky.carrieriq.com establishes a definite link to CarrierIQ, even if it doesn't actually run and send logs.
1. The reference is found in a 2 year old version of iOS.
2. "IQAgent" sounds like things Apple could name, e.g.: I've seen no evidence that this has anything to do with CarrierIQ. There's been no disassembly (unless I missed it) so it quite possibly could simply be the fact that at one point Apple used the two letters "IQ" in an obscure file.
3. People watch the data iPhones transmit pretty closely, I know I have on occasion watched iOS devices talking to the cloud. If "every keystroke, every SMS" were being logged, I'd think people would have more than just a filename to go on.
4. As mentioned it seems this file is not used outside of diagnostic mode, which makes this much ado about nothing at this point.
I think its fine to be suspicious, but these things really should be approached with some objective detachment until actual transmission of user data that shouldn't happen is uncovered.
I don't know how many of the points above apply to the "indications" in android as well, but I think we should have more neutral, unemotional, and detached coverage of it as well.
I think spying on people is bad, and I think that americans are spied on more today than ever before. I think that's also why we have to be really careful about reporting it.
Edit: Deleted a digression that pointed out that the government is including language in recent legislation that allows them to collect data about us that previously would have been illegal. This was a distraction from my main point.