Another reason why all your software must be free software: Carrier IQ

Posted on by

Freedom is participation in power.Marcus Tullius Cicero

Wikipedia’s summary of Carrier IQ rootkit events to date:

In November 2011, researcher Trevor Eckhart claimed that Carrier IQ was logging information such as location without notifying users or allowing them to opt out, and that the information tracked included detailed keystroke logs, potentially violating US Federal law.

Carrier IQ did what proprietors usually do—bully the investigator. But Eckhart was smart, got in touch with the Electronic Frontier Foundation, and defended himself. Now Carrier IQ is backing down.

CNN has an article on this scandal in which they bury the lede. What’s the real solution here? Simple: all your software must be free software, software that respects your freedom to run, share, and modify the program. Freedom (by any reasonable definition, such as Cicero’s above) is denied to you by design under proprietary software.

Why?

  • Because free software is the only way to keep programmers, resellers, and anyone else who can program a computer honest and since it’s likely you don’t program (most computer users don’t program) you’ll need to become accustomed to hiring an expert to look out for your interests in the same way you hire a plumber, electrician, doctor, or lawyer to do their expert work. Face it, the computer is a part of your everyday life now. This means you need permission to make all of your computers do what you want them to do, not what some proprietor like Apple, Nokia, or Carrier IQ says they should do.
  • Because apparently you can’t trust proprietors. Consider what Apple told CNN in the aforementioned article: [Apple] says it stopped supporting it in the latest version of iOS and will completely eliminate Carrier IQ from all iPhones and iPads in an upcoming software update. Apple’s claim is entirely unverifiable. Without software freedom nobody has any idea if any Apple update will remove Carrier IQ or replace Carrier IQ with some other program that does the same job. The only way to figure that out is doing the kind of work Eckhart did—reverse engineering—which is time-consuming and runs the risk of facing Apple’s hyper-litigiousness. Apple is no stranger to bullying people who want to take control of their computers (1, 2, 3 to name a few that happen to involve the EFF). Your trust has already been betrayed, so there’s no reason to believe a proprietor is on your side. There’s no reason to believe any proprietor will become as trustworthy as an expert who competes by revealing as much to you as you want to know. If you learn to program, you can become your own expert and diagnose and fix your computers anytime you wish. Deciding for yourself which jobs are too big or just right for you should be your decision to make. Therefore you need software freedom.

This is an ethical and social issue, not really a technological issue. The heart of this issue is not how to increase software development efficiency, it’s how to build a society where all computer users live in freedom. The pursuit of software freedom is what the free software movement is all about.

Common questions about issues like these

I’ve heard that one solution to this problem is to let users switch Carrier IQ on and off. Won’t that fix the issue?

No. Such a switch is likely to give users the idea that they are in control of a proprietary program when, in fact, they are not. Users could still suffer privacy violations by

  • other programs that do the same job—there’s nothing to say proprietary developers won’t write another program that does violate the user’s privacy and accomplishes that task much better than anything prior. Users would be no more free than they are today.
  • an on/off switch that does nothing—what if the on/off switch changed nothing? A proprietary program to control another proprietary program is substituting one uninspectable black box for another, perhaps switching from one proprietor to another. Freedom means not having masters.
  • looking at this issue according to the type of computer they’re dealing with—the logic that all users deserve software freedom applies to all software running on any kind computer, regardless of size, cost, purpose, brand, or technology.

But in the US, Senate hearings might put some people in an embarrassing fix! That’ll help move things along to fix the problem, won’t it?

No. Such action will result in a dog-and-pony show that gives the public a distraction—a chance to chuckle at the expense of some CEOs with no real change to what information is collected or where that information goes.

Update 2011-12-05: EFF has a blog post on why various proprietors should allow cell phone jailbreaking. On the plus side, this post points out how Apple is either incompetent in their business or lying about the affect of allowing users to break out of the proprietary “jail”, and the article has some examples of how users were able to protect themselves from the security problems brought on by lackadaisical proprietors who didn’t update their broken code in a reasonable timeframe. On the minus side, EFF again misses an opportunity to show that this affects all computers and all computer users. There’s nothing special about cell phones here; breaking out of the proprietary jail is something all computer users need to do.