Recently I’ve gotten into a little row on Twitter regarding CIQ, openness, and security.
On the top level, I’m going to hand it to @sysrich, and agree. This is a bad design and practice decision from the carriers and the handset makers which went along with it.
Security Matters and CarrierIQ
Digging a little deeper, however, and there’s some additional worry to be had about it. First off, any sensitive system with a backdoor will be exploited by the Bad Guys. I would include the level of surveilence that CarrierIQ conducts, even if invited and warranted, as part of that. To start with, who’s to say someone won’t perfect a man-in-the-middle attack for CIQ? That’s a LOT of data that they can scarf down on everyone with a (im)properly equipped Android, BlackBerry, or iOS device. It’s a tremendous goldmine that I’m positive someone’s been working on cracking. I’m completely sure there’s a cracker somewhere working on getting in through this rootkit.
A Failure to Design Security
There’s only two prongs for effective computer security: architecture and education. Any modern system really needs to be designed with the understanding that it will be under constant attack from the outside world. To do otherwise is folly. On the other side, users have to understand some basics of computer security: you wouldn’t let any random person in your home and your filing cabinet with all your tax information, so why would you let any random application onto a computing device? You also very likely do not have a long-lost cousin stuck in Nigeria, nor should you ever ever ever give out your password. Without one, the other is failed.
This is where my argument with Mr. Brown’s stance begins. I view this as a fundamental security flaw, and if they were actually putting security first, the carriers and handset makers’ security experts (if any) would have pitched a fit. Hell, they probably did pitch a fit, but were ignored. Security comes down to architecture and education, and carriers and handset makers purposefully broke down security design to gather information. This is bad security design. We’ve known about this big purposeful foul-up. What’s still there that hasn’t been found yet?
A Failure to Educate Security
Users have also been trained that their phones are there to shield them from Big Bad Computerness. You know what? They are. At some point, I’ll write why I actually love that. In this case, however, it’s a problem. Even if people’s phones were shipped completely open to them, I’m sure CIQ could be shipped to about 138 of the 140 million infected phones and survive. Don’t imagine for one second that the number of active and infected CIQ phones is going to go down anytime soon- even if CIQ gets nailed by Sen. Al Franken, that software is going to live on until those phones are taken out of service, leaving millions and millions of phones with active, functional backdoors. I doubt most people with CIQ have even heard of it yet; expecting most tech news like this to hit the mainstream is like trickle-down economics and the expectation that the money at the top will hit the mainstream (#OccupyWired?).
So What?
An open system would indeed allow a user to actually inspect their phone and ensure rootkits like CIQ don’t come from the factory, true, but we (the technocrati) have failed to work out how to educate the masses effectively in computer security, leaving it to folks like Apple to say “Trust us, we’ll take care of you in this Big Bad World.” On top of that, it’s been proven that secure design was not at the top of the list in importance for both the carriers and manufacturers; the fact that we should need to inspect handsets STRAIGHT FROM THE FACTORY for pre-installed security flaws is just as bad.
tl;dr
Security isn’t that hard, unless you’re not giving a shit from the start.
One Comment
A better tl;dr: carriers don’t care about you. Users don’t care about themselves. We’re all fucked.
CIQ is a good argument to buy unlocked from a trusted manufacturer, IMO.
Post a Comment