[dreamdu5t]

"Unfortunately, our current belief is that the layer-4 logging that has been observed, which goes to Android system logs, is in fact being inadvertantly transmitted to some third parties and otherwise made available to other applications on the device.

This happens when crash reporting tools collect copies of the system logs for debugging purposes. The recipients of such transmissions are unlikely to have anticipated receiving keystrokes, text messages, URLs or location information through such channels, but that can in fact happen on some of the phones to which Carrier IQ has been ported.

What this means is that keystrokes, text message content and other very sensitive information is in fact being transmitted from some phones on which Carrier IQ is installed to third parties."

[TeMPOraL]

How come we haven't noticed this before? That is, some of those logs were probably sent at some point to somebody who didn't exactly expect this kind of data. I'm surprised nobody found out sooner.

[nkassis]

people rarely read error logs?

[Natsu]

In the logs made public in one of the earlier HN stories, the messages and such are a small part of the log. There was a ton of crap about the phone with someone's text message buried in the middle.

Similarly, the keypress logs were in hex or something as I recall. All there and usable by anyone who knew what it was, but maybe not that obvious if you didn't know what the hell that part of the log meant.

In other words, if people were just scanning the logs for other stuff, rather than reading each log carefully, they'd probably have ignored that stuff.

[TeMPOraL]

Even if they go to great lengths to make their apps send crash reports to them?

[interlagos]

The Android crash report functionality does send logs to Google, however Google does not forward these to third-party developers.

Third-party apps can request READ_LOG manifest permissions and directly monitor the log, but that is an incredibly rarely used permission that tends to raise flags.