If you've been following the Android hacking scene lately, you might have heard about some scary-sounding software called Carrier IQ — it's loaded up at the kernel level on devices by HTC, Samsung, and others, and creates detailed logs of everything that happens on a phone without user intervention or control. That's bad enough, but now Carrier IQ is going after xda member Trevor Eckhart (TrevE), the security researcher who discovered it. The company sent an incredibly aggressive cease-and-desist letter to him last week, claiming that he was infringing the copyright in the publicly-available training materials he reposted on his site and demanding that he replace his post with a full retraction and issue the same retraction as a press release. That's a little intense, even for a company that feels wronged — but it's a particularly bad move for a company that needs to reassure people it's not spying on them.
Eckhart didn't cave, though: he retained the EFF as counsel, and they've responded to Carrier IQ, saying that Eckhart's use of copyrighted training materials is protected by the fair use exemptions to copyright law. More damningly, the EFF says that it believes Carrier IQ's threats "are motivated by a desire to suppress Mr. Eckhart's research conclusions, and to prevent others from verifying those conclusions." We'll see what Carrier IQ has to say — and we'll see if the company really is helping major Android vendors and carriers monitor the activities of their customers. Buckle up.
Thanks to everyone who sent this in!