More about CIQ and HTC including a rather massive exploit with permissions

Back in the beginning of September our hardware nut, Shamus, wrote about CIQ services and how HTC is using them to watch everything you do and collect that data. Well XDA has done further digging into this and found even more information on what CIQ and HTC are doing.

Mostly affecting newer HTC devices such as the Sensation and Evo 3D, HTC has included services from CIQ which, in a short and dirty explanation, essentially monitors your activity on your phone. CIQ stands for Carrier Intelligence Quotient and has been used by many carriers and manufacturers for quite some time now. Recent updated to this tool, however, cross a line with privacy and security on your Android device and HTC has all of these implemented.

CIQ accesses:

  • Screen presses and coordinates of where
  • Application usage and how much time is spent in each app
  • GPS location periodically and current when requested
  • Accelerometer usage, including current orientation of handset along with use of the —
  • Magnetometer (digital compass).
  • Both front facing and rear facing cameras with latest update.


HTC officially came out once all of this started to drop into the public domain’s knowledge stating that these services can be opted out of and once you opt out, HTC wouldn’t be able to collect any information. Well a member over at XDA has not only proven that you can’t opt out of this by conventional means, but that these apps also making a gaping hole in security through the use of the android.permission.INTERNET permission with any installed app that has this permission enabled.

HTCLogger allows any app that has access to android.permission.INTERNET on devices such as the evo3d to obtain full access to query sensitive info such as network/appusagestats/meid/esn/phone#/past 10 location broadcasts and last known locations/and more.

While HTC having access to all of this information from your device is bad enough, with the use of the android.permission.INTERNET by another app, it can easily be intercepted and sent anywhere to anyone else which could possibly lead to your device being fully cloned or worse if the person intercepting all of this information knows what they are doing. We are even working on a proof-of-concept with some security people about how else this could be used in order to show companies like HTC the dangers of having this sort of service on a device.

Currently the only way to remove CIQ from your Android device is to fully root it. Unfortunately there is no known way for unrooted users to remove CIQ. If you are worried about if you are vulnerable or not, you can use a niftly little app to check to see if you are. For those of you who do use rooted devices, there are instructions for removal over on this XDA Thread should you feel like not being completely spied on by HTC.

You can check all of this out in action in the video above.

Website Referenced: XDA

Share This

You Might Also Like