A "so-called" researcher has found key logging software on an HTC Android phone. The key logger cannot be disabled and is on automatically -- there is neither opt-in or opt-out options and one of the key logger's processes is hidden from the running process list. Every single phone keypad key-press is recorded as is every URL entered into the browser, even if the browser is using Google secure search mode. The users position is also reported even if the user has opted out of the location service.
I am not sure how widespread this software is or which carriers are involved but the article says the software is on millions of phones. It is also not clear yet if anyone is receiving this information but it is certainly in the log on the phone. Here is a 17 minute video which I watched in its entirety because it interests me, but you may want to skip to the middle where he shows the key logging in action http://www.wired.com/threatlevel/2011/11/secret-software-logging-video This is a bit of a black eye for the open-is-better Android bunch where rather than open software what they are really running is a version that their carrier has tampered with and they have not even been aware of this. If the carrier had done a slightly better job of covering its track, not even the researcher would have noticed. Cheers, Carlo -- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
