HTCs User Behavior Logging with OS 2.3.4

[z50king]

Currently we can only guess what HTC is doing with this new information that is being sent to them. It is known to have the ability to check for rooted phones and report it to HTC. But I think it should still go in the general because most of the people taking the update are non root users, and this affects them as well

As seen on XDA and InfectedROM:

So recently with 2.3.4 update we have found the addition to CIQ in the ramdisk - http://www.carrieriq.com/overview/IQ...ager/index.htm. CIQ is ment to monitor user activity and send logs off to wherever. Shortly after seeing this, team synergy went to work finding out exactly what was being done. Here is the results of our outcome:

Come to find out, CIQ is not the only part of android responsible for sending these stats. They get written out by framework to 4 major locations.

1- /data/system/appusagestats - this folder contains a file called HtcAppUsageStats. It seems to be a file of every intent started on your phone and length of using it.


2- /data/system/usagestats - this seems to be googles usage stats with much of the same info as above but were guessing going off to another location


3- /data/system/userbehavior.db - this seems to have the IPs stuff is sent out to. We found the two open connection IPs in this database, they go somewhere to amazons cloud:
Code:
"39","com.htc.reportagent","log","url","175.41.164.137:8000","-1","175.41.164.13 7:8000" "42","com.htc.reportagent","policy","url","175.41.155.212:2021","-1","175.41.155 .212:2021"


4- /data/system/dropbox - now this is interesting, there was over 500 files in this directory. When we deleted everything in this folder and opened market, logcat reported errors looking for these files. Why is the market looking for these files on start?

Why do we care? Well read Settings -> about phone -> legal -> htc legal. It says this data contains IMEI/stats/GPS/CID/etc. with even just IMEI/stats it _COULD_ be enough to detect a rooted phone and void warranty from this alone, which cannot be disabled by stock functionality.

Luckly synergy was able to defeat this:
Code:

V/HtcAppUsageStats( 4231): handleMessage msg=1 V/HtcAppUsageStats( 4231): (launch app, package): (HTC Sense, com.htc.launcher) V/HtcAppUsageStats( 4231): handleMessage msg=1 V/HtcAppUsageStats( 4231): (launch app, package): (Connect to PC, com.htc.android.psclient) E/SynergyHatesHtcAppUsageStats( 4231): noteResumeActivity E/SynergyHatesHtcAppUsageStats( 4231): java.lang.Exception: Patched Check By Synergy. E/SynergyHatesHtcAppUsageStats( 4231): at com.android.server.am.HtcAppUsageStatsService.addULog(HtcAppUsageStatsService.java:646) E/SynergyHatesHtcAppUsageStats( 4231): at com.android.server.am.HtcAppUsageStatsService.notePauseActivity(HtcAppUsageStatsService.java:703) E/SynergyHatesHtcAppUsageStats( 4231): at com.android.internal.app.IHtcAppUsage StatsService$Stub.onTransact(IHtcAppUsageStatsService.java:110) E/SynergyHatesHtcAppUsageStats( 4231): at android.os.Binder.execTransact(Binder.java:320) E/SynergyHatesHtcAppUsageStats( 4231): at dalvik.system.NativeStart.run(NativeMethod) E/SynergyHatesHtcAppUsageStats( 4231): noteResumeActivity E/SynergyHatesHtcAppUsageStats( 4231): java.lang.Exception: Patched Check By Synergy. E/SynergyHatesHtcAppUsageStats( 4231): at com.android.server.am.HtcAppUsageStatsService.addULog(HtcAppUsageStatsService.java:646) E/SynergyHatesHtcAppUsageStats( 4231): at com.android.server.am.HtcAppUsageStatsService.notePauseActivity(HtcAppUsageStatsService.java:703) E/SynergyHatesHtcAppUsageStats( 4231): at com.android.internal.app.IHtcAppUsageStatsService$Stub.onTransact(IHtcAppUsageStatsService.java:110) E/SynergyHatesHtcAppUsageStats( 4231): at android.os.Binder.execTransact(Binder.java:320) E/SynergyHatesHtcAppUsageStats( 4231): at dalvik.system.NativeStart.run(NativeMethod)

Original Link:
HTCs User Behavior Logging

 

[jdsingle]

I'm not going to lie, this makes me annoyed if it is true. I hope everyone reads this and maybe we can get something going on Facebook against HTC for this kind of stuff. They shouldn't be collecting that much data.

 

[z50king]

After taking the update there was a box asking if I wanted to let HTC monitor my phone. I checked no. Would that alleviate HTC from doing what you said above or is this something they do no matter what?

I don't think that's the same thing. This is real, the folders are all there to collect the info and one folder is full of IP assesses to send the info to. The legal details in the settings talk about it too

 

[Belgaraath]

I see you listing the info gathered, usage stats, rooting, even market info. but i see nothing saying your identifiers on the phone. in other words, they are getting the info on how we use the phone, I would guess not to use against us, but to see what things to focus on to please us?

google web records every search, cookies track locations, even traffic cameras track where we go. I don't think a little non identifying info is such a bad thing, maybe there tracking how many are rooted to decide on the s-off?

Yes I could be wrong and they are out to void every warranty there is for root. BTW how much do you think that would cost, in notifying all the warranty centers and all the retailers alone.....

 

[jdsingle]

goggle records every search, cookies track locations, even traffic cameras track where we go. I don't think a little non identifying info is such a bad thing, maybe there tracking how many are rooted to decide on the s-off?

Yes I could be wrong and they are out to void every warranty there is for root. BTW how much do you think that would cost, in notifying all the warranty centers and all the retailers alone.....

Goggle? Google? Yeah, they may record that but you also have the ability to remove yourself from those data collection techniques. I had them turned off once I found out about them.

How much would it cost? I think you should be thinking how much would they save? If they could void every warranty swap on a rooted phone that would probably help them quite a bit number wise. But even if it was a question of how much it would cost...probably not hard at all. They find out your phone is rooted, they make a notation on your account, Sprint store pulls up your info and bam you're denied. All it is is data entry.

 

[Belgaraath]

OK yes they could write a batch file, that will spin off all the info to every store that has access to HTC inner database. I doubt every retailer has it. but again, they have nothing to identify you with the log. We just went over the data they are sending, and nothing about you.

We got referred to the HTC Legal, and we should read it. "Some applications or features of your HTC Android Device might cause other information to be sent to HTC but in a manner that cannot be identified with you personally"

Again, we cannot know for sure whether the question the system asked if I wanted to let HTC monitor my phone relates to the information, we cannot be sure that our personal information will be shared, and we cannot be sure that they will not void our warranty. but they are plenty of "privacy issues" that are in black and white that we should address before we dive into the what-if's on this. Sometimes you have to trust in what you read on the phone, and not what you can assume by filling in your own blanks.

This is just my opinion on the matter, and If we disagree that is fine, but I will not hash this out any more, you have every right under our freedom to make you own decision on this, as to I.

 

[SolApathy]

The only concern I have is if HTC made a simple tweak to the code to include personally identifiable information.

 

[z50king]

they are getting the info on how we use the phone, I would guess not to use against us, but to see what things to focus on to please us?

haha, i doubt they will use this info to please us. They will use it to see what we use the most and find ways to sell it out to advertisers or any other way of making money

 

[marctronixx]

why be so pessimistic? why see the glass as half empty? you nor i have no concrete evidence either way.

 

[jdsingle]

OK yes they could write a batch file, that will spin off all the info to every store that has access to HTC inner database. I doubt every retailer has it. but again, they have nothing to identify you with the log. We just went over the data they are sending, and nothing about you.

We got referred to the HTC Legal, and we should read it. "Some applications or features of your HTC Android Device might cause other information to be sent to HTC but in a manner that cannot be identified with you personally"

Again, we cannot know for sure whether the question the system asked if I wanted to let HTC monitor my phone relates to the information, we cannot be sure that our personal information will be shared, and we cannot be sure that they will not void our warranty. but they are plenty of "privacy issues" that are in black and white that we should address before we dive into the what-if's on this. Sometimes you have to trust in what you read on the phone, and not what you can assume by filling in your own blanks.

This is just my opinion on the matter, and If we disagree that is fine, but I will not hash this out any more, you have every right under our freedom to make you own decision on this, as to I.

What? You responded to my comment with nothing that was a part of what I said. Did I say anything about getting personally identifiable information? I told you Google gives you the option to disable tracking. Again, you responded to nothing in my comment.

 

[jerofld]

People are putting the blame on HTC. Why? The 'C' in 'CIQ' stands for Carrier. From reading the linked page, it is supposed to report on what the user is doing and what services they are using. Clearly this is Sprint's doing. HTC has just made their reporting software more visible (Tell HTC has been there since day one).

If it is actually Sprint's doing, they don't need to get identifying information from the phone itself. They already know who the data belongs to.

[tinfoil_hat]But this could be used to monitor who is rooting and using free tether. Just because this information does not log who you are, they know who you are already. But monitoring services used? Sounds like what Verizon just did to their droid series. When the Droid series got Gingerbread, it came with a services monitor, too. 6 months later, they implement a patch that shuts down unauthorized tethering. Sprint just put out a patch that makes it so the Nexus S 4G doesn't have free wifi tether even when not rooted. This could just be another step in trying to lock unauthorized tethering down.[/tinfoil_hat]

 

[evolution3d]

For those of you who are rooted it looks like there is an almost stock ROM that removes this usage monitoring.

[Kernel]8/21/11 Modified Stock 2.08.651.2 (2.6.35.13-g84f8edd) - xda-developers

Has anyone tried it yet? I may consider giving it a go myself.

 

[EarlyMon]

Currently we can only guess what HTC is doing with this new information...

<snip!>

This isn't new - they may (or may not) be using a new 3rd party service to help gather the data.

This is exactly what they've been doing for over a year that I'm personally aware of from the Evo days.

That a few independent devs have just now learned of the new file names involved does not make this a new deal.

Sky: still not falling.

If you're stock, go to Settings -> About phone -> Tell HTC and turn it off.

If you're rooted, delete the iCQ files (and/or run freeza's 2.3.4 kernel listed in post above mine).

Then, call it a day, move on to bigger problems.

PS - The Evo kernel was patched to disallow tethering, exactly why some of us went and used a custom kernel to allow it.

Still not big news.

As it says on the front cover of The Hitchhiker's Guide To The Galaxy in glowing letters in an unusually friendly font - Don't Panic.

 

[evolution3d]

If you're stock, go to Settings -> About phone -> Tell HTC and turn it off.

If you're rooted, delete the iCQ files (and/or run freeza's 2.3.4 kernel listed in post above mine).

Can you just delete the iCQ files when rooted without installing freeza's 2.3.4 kernel?

I don't have the Tell HTC setting, I know you were having a similar issue. Did you ever find out why?

 

[EarlyMon]

Can you just delete the iCQ files when rooted without installing freeza's 2.3.4 kernel?

I don't have the Tell HTC setting, I know you were having a similar issue. Did you ever find out why?

Pretty sure that Tell HTC was part of the firmware update we skipped to keep root. (By the same token, we retained the fastboot setting.)

Yes - you can freeze the iCQ files and that's the end of that - ample pointers to how on XDA.

Or - just run one of the roms that already has that junk turned off.

 

[evolution3d]

Pretty sure that Tell HTC was part of the firmware update we skipped to keep root. (By the same token, we retained the fastboot setting.)

Yes - you can freeze the iCQ files and that's the end of that - ample pointers to how on XDA.

Or - just run one of the roms that already has that junk turned off.

I just went ahead and installed freeza's kernel.

 

[LBPHeretic]

This is pretty interesting. I thought if I opted out, there would be no data collection.

I just followed the advice that EarlyMon gave and turned it off, AGAIN, apparently. People who are not interested in the data collection by HTC should check the Tell HTC setting as advised above.