RSS Alerts

Share

More services

David Harley

Job title:
CEO, Small Blue-Green World, and independent author

Areas of expertise:
Apple security, malware, anti-malware testing, psychosocial aspects of security, user education, email management, social media, medical informatics

Biography:
The Apple Security Blog, by David Harley David Harley, CITP, FBCS, CISSP, is an IT security researcher, author and consultant living in the UK. He has worked in IT (largely in medical informatics) since the 1980s, increasingly focused on security and anti-malware research since 1989. Between 2001 and 2006 he managed the UK National Health Service’s Threat Assessment Centre, and since 2006 he has provided authoring and consultancy services to the anti-virus industry. Since 2009 he has been a director of the Anti-Malware Testing Standards Organization (AMTSO). He runs the Mac Virus website and AVIEN (the Anti-Virus Information Exchange Network), and is a Fellow of the British Computer Society (now the BCS Institute). He was principle author and technical editor of “The AVIEN Malware Defense Guide for the Enterprise” and co-authored “Viruses Revealed”, as well as contributing to many other books including “OS X Exploits and Defense”. He has a daunting back-catalog of research papers and articles, and also blogs for Mac Virus, AVIEN, ESET (where he holds the title Senior Research Fellow), (ISC)², and numerous other websites.

Tag Cloud

hackingcloud securitySecurityMalwareDavid HarleyCompliancecloudWiFi

Bloggers

Blog

Carrier IQ: Not Just an Android Issue

Unless you’re currently trekking through the Gobi, you’ve probably caught some of the fuss about Carrier IQ, accused of conduct resembling a rootkit more than legitimate logging. I think that some of the indignation has been a little overdone, as I commented here, but there are certainly legitimate reasons for concern.

Of course, there’ve been many concerns raised around security and Android in recent months, as Dan Raywood mentioned here, and indeed I let off a little steam myself, though that was mostly at Chris DiBona’s ill-judged attack on the anti-malware industry. But this isn’t all about Android, though Trevor Eckhart’s analyses are mostly focused on HTC devices: some sources claim that Carrier IQ’s software is running on Nokia devices, Blackberries and even iPhones (I’ll come back to that).  
An article by Tim Worstall notes some inconsistency in these reports: for example, Research in Motion claims that it "does not install nor authorize its carrier partners to install “Carrier IQ” monitoring software on its BlackBerry smartphones", though I have to agree with John Gruber that this statement isn’t quite the same as saying that the software isn’t installed on any BBs. Worstall also suggests that its use on Android is restricted to North America.
iPhone-wise, though, it appears that iPhones do carry it, though chpwn’s blog indicates that the Apple implementation isn’t quite the same as the Android descriptions I’ve seen. More to the point, it includes some pretty detailed information on how it can be disabled, if it isn’t already. Caveat: I don’t have an iPhone of any description, and can’t therefore try these out personally.

Posted 01/12/2011 by David Harley

Tagged under:David Harley, chpwn, Carrier IQ, Dan Raywood, Android, iOS, Trevor Eckhart, HTC, iPhone, Blackberry, RIM, Nokia, Tim Worstall

Comment on this blog

You must be registered and logged in to leave a comment about this blog.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012