Remember Carrier iQ? In the years before Edward Snowden’s revelations about the NSA, the name and its software became synonymous with creepy, unseen monitoring of everything that you do on a smartphone on behalf of carriers and phone makers — allegedly in the name of better user experience.

Now the company appears to be no longer.

TechCrunch has confirmed that AT&T has acquired certain software assets from Carrier iQ, along with some staff. The site itself — and the wider company, it seems — has gone offline.

“We’ve acquired the rights to Carrier iQ’s software, and some CIQ employees moved to AT&T,” an AT&T spokesperson tells us. AT&T signed on as a customer years ago to use the CIQ software across phones on its network to troubleshoot wireless quality for its customers, and the spokesperson went on to explain that this still the case.

Everyone who carries a cellphone generates a trail of electronic breadcrumbs that records everywhere they go. Those breadcrumbs reveal a wealth of information about who we are, where we live, who our friends are and much more. And as we reported last week, the National Security Agency is collecting location information in bulk — 5 billion records per day worldwide — and using sophisticated algorithms to assist with U.S. intelligence-gathering operations.

How do they do it? And what can they learn from location data? The latest documents show the extent of the location-tracking program we first reported last week.

The NSA doesn’t just have the technical capabilities to collect location-based data in bulk. A 24-page NSA white paper shows that the agency has a powerful suite of algorithms, or data sorting tools, that allow it to learn a great deal about how people live their lives.

Those tools allow the agency to perform analytics on a global scale, examining data collected about potentially everyone’s movements in order to flag new surveillance targets.

For example, one NSA program, code-named Fast Follower, was developed to allow the NSA to identify who might have been assigned to tail American case officers at stations overseas. By correlating an officer’s cellphone signals to those of foreign nationals in the same city, the NSA is able to figure out whether anyone is moving in tandem with the U.S. officer.

The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable.

The records feed a vast database that stores information about the locations of at least hundreds of millions of devices, according to the officials and the documents, which were provided by former NSA contractor Edward Snowden. New projects created to analyze that data have provided the intelligence community with what amounts to a mass surveillance tool.

The NSA does not target Americans’ location data by design, but the agency acquires a substantial amount of information on the whereabouts of domestic cellphones “incidentally,” a legal term that connotes a foreseeable but not deliberate result.

One senior collection manager, speaking on the condition of anonymity but with permission from the NSA, said “we are getting vast volumes” of location data from around the world by tapping into the cables that connect mobile networks globally and that serve U.S. cellphones as well as foreign ones.

U.S. officials said the programs that collect and analyze location data are lawful and intended strictly to develop intelligence about foreign targets.

The NSA has no reason to suspect that the movements of the overwhelming majority of cellphone users would be relevant to national security. Rather, it collects locations in bulk because its most powerful analytic tools — known collectively as CO-TRAVELER — allow it to look for unknown associates of known intelligence targets by tracking people whose movements intersect.

CO-TRAVELER and related tools require the methodical collection and storage of location data on what amounts to a planetary scale.

“One of the key components of location data, and why it’s so sensitive, is that the laws of physics don’t let you keep it private,”

The number of Americans whose locations are tracked as part of the NSA’s collection of data overseas is impossible to determine from the Snowden documents alone, and senior intelligence officials declined to offer an estimate.

“It’s awkward for us to try to provide any specific numbers,”

Devices trackable over any 3G network.

New privacy threats have been uncovered by security researchers that could allow every device operating on 3G networks to be tracked.

The vulnerabilities could be exploited with cheap commercial off-the-shelf technology to reveal the location of phones and other 3G-capable devices.

The flaws affected the latest 3G networks that were hardened by discarding GSM interoperable networks that were long known to be vulnerable to interception techniques.

Attackers did not need to perform cryptographic operations nor possess security keys to instigate the attacks.

“[These] kind of vulnerabilities usually look trivial once uncovered but often remain unnoticed for [a] long time, since they do not involve fancy cryptography but are caused by errors in the protocol logic,” the researchers wrote in a paper.

The 3G global industry watchdog, the 3GPP, is investigating the research. It was reportedly informed of the flaws about six months ago, but lengthy revision processes for global mobile phone protocols could explain why fixes have not been circulated and implemented.

Two attacks were conducted using off-the-shelf kit and a rooted — or modified — femtocell unit which broadcasted a 3G signal. The attacks were made by intercepting, altering and injecting 3G Layer-3 messages into communication between the base station and mobile phones in both directions.

One attack, the IMSI paging attack, forced mobile devices to reveal the static identity (TMSI) in response to a temporary number (IMSI) paging request which contained the IMSI, a number which was assumed was known to the attacker.

This would reveal the presence of devices in a monitored area, breaking anonymity and ‘unlinkability’ by revealing the IMSI and TMSI correlation.

In the Authentication and Key Agreement (AKA) protocol attack, the same authentication request would be injected to all phones in range causing all but the targeted device – which would return a Mac failure — to respond with synchronisation failures.

The researchers wrote that the attacks could be used to track staff movements within a building.

“If devices with wider area coverage than a femtocell are used, the adversary should use triangulation to obtain finer position data.”

What do you get when you mix technology with candy bars? In a cool yet creepy marketing campaign, Nestle plans to stalk consumers with a “we will find you” promotion that involves GPS trackers embedded in chocolate bars.

What do you get when you mix technology with candy bars? In a cool yet creepy marketing campaign, Nestle plans to stalk UK consumers. The company kicked off a unique promotion called “We will find you” that involves GPS trackers embedded in chocolate bars. When a winning consumer opens the wrapper, it activates and notifies the prize team who promises to track them down within 24 hours to deliver a check for £10,000.

In an additional chocolate-mixed-with-technology promotion, Nestle is tapping the NFC-enabled mobile phone market. An outdoor campaign involves 3,000 posters with NFC and QR codes.

-> Wonder how long before someone stars running up and down candy store aisles with a metal detector.

SECURITY RESEARCHERS have uncovered Android malware that claims to help you out by removing Carrier IQ spyware and unlock hidden functions.

Symantec and F-Secure have released details of scams in which users are tricked into downloading and using an app or web site to supposedly remove or unlock content. They have identified two such Trojans that instead send text messages to premium rate phone numbers.

Criminals have turned to mobile malware due to the recent increase in the adoption of smartphones. However, it is unclear whether these types of threats will reach the level of significance associated with desktop malware.

The Electronic Frontier Foundation, in a continued bid to fight against injustices related to emerging technologies, has cracked open the Carrier IQ software package.

With the help of a few volunteers Carrier IQ has been parsed into its three layers — an app, a database, and a configuration file — and produced an app to uncover exactly what information your handset is collecting. Using the app, IQIQ, the EFF hopes to garner enough user data to blow the thing completely open.

Some Facts About Carrier IQ (architecture)
https://www.eff.org/deeplinks/2011/12/carrier-iq-architecture

Analyzing Carrier IQ Profiles
https://www.eff.org/deeplinks/2011/12/analyzing-carrier-iq-profiles

IQIQ transforms Carrier IQ Profiles from WBXML to human-readable XML.

There are also some examples of default Profiles from some Android-derived smartphones,
https://git.eff.org/?p=iqiq.git;a=tree;f=profiles;hb=master