Interesting. With IP tables you can pretty much control anything that most devices do as far as outside access goes. I never have used IP table rules per se on my 4 G but I have used Smoothwall and other firewall software on Linux machines. However this has limits because of common spawned child processes in any OS. Whitelisting might be better but I am not sure about that.
I do use Droidwall to block outbound applications. It seems to work well but there is no easy way to tell whether it is or not since its pretty difficult to use port scanning software reliably on a portable device or use a packet sniffer to see what it actually puts on the network.
All of this having been said. I did watch the video on Wired.com that showed the CIQ presence and during the video noticed the CIQ logo on the apps on that phone. I checked and have half a dozen apps with the same logo running on my Atrix 4G. I am running a rooted phone and using taskmanager it is impossible to force stop many of these apps. It is also very difficult without a detailed process tree to know which of these apps are doing what. While I see on another thread here that some are pretty sure that the Atrix 4G does NOT have Carrier IQ even using an app available from the Android Store to detect it, I would be very careful with that assumption. Go to Wired, watch the video and notice he points out the apps, each with the letters CI in a yellow disk. Thats the logo. On the Atrix 4G running 2.3.4, I have the following apps with the logo--they are Contacts Data, Motorola Services, Suggestions Poll Scheduler Services, Contacts Sync (which can be force stopped with root access), Fake Blur xmpp (which can be stopped). HST Cmd which can be stopped, Motorola Indexing Service (stoppable), Motorola Storage Monitor (stoppable), Social Messaging Service (stoppable), and Suggestions CoreRuleChecker Services (stoppable). These can be found using Taskmanager and stopped there with root access. Bear in mind that some of these apps may wake up independent of whether you force stop them, call home if in fact that is what they are supposed to do, and then go back to sleep.
Observation--- maybe this company only wrote these apps for the 4G and they are not really CarrierIQ apps per se. Thats a possibility. Again, look at the video on Wired.com (and I am sure on Youtube) and you see the same company logo on the apps. So in spite of the new app that supposedly checks for CIQ, how is it possible to know. In my opinion other than unlocking the bootloader and installing another ROM or managing to packet sniff (the way the guy did on the video) its not possible. Additionally even using Droidwall, without a detailed process tree and understanding of what goes on, your attempt at blocking an app may not be successful-because in Linux and Android--a form of Linux-- many apps spawn child processes to do tasks--and the same type of child process may be used by other legitimate apps to have access to the outside world.
I do not use social networking services (whole other problem considering what data some of them record on their users). I also am security conscious from having been an online trader for many years, building my own computers and doing some coding--and having to protect my trading account and software. I am no expert-- certainly not on Android nor am I an IT pro. Additionally I have nothing to hide in my life- I only think that the modicum of privacy many of us take for granted is slowly being encroached upon by our reliance on things digital and I personally do not like it.
The only way to get rid of this type of garbage without limiting the functionality on your phone might be to install a third party ROM (which I will do when support for the Lapdock and Webtop is more common). But even with a third party ROM you only control your digital world until the signal leaves the phone and after that anything can happen. Otherwise blocking outside access to a process that uses it with a firewall,while better than nothing, results in huge error logs, and a bloated and possibly somewhat slower phone. There arent any simple answers to this in my opinion...and this is only my opinion. I never would do anything sensitive like online banking or any type of financial process on my Android appliance nor would I ever visit any type of site which public knowledge of could reflect badly on me. Security starts with usage habits and trying to understand the limitations and vulnerabilities of the appliance. Just my 2 cents worth.