iOS hacker chpwn today confirmed that Carrier IQ keylogger, which is making waves on Android OS, is available on all iPhone operating system too, including iOS 5. But don’t you worry, Carrier IQ on the iPhone only logs technical data and it’s disabled by default in iOS 5. For older firmware like iOS 4.x or 3.x, you have to manually disable Carrier IQ on iPhone by turning off “Diagnostics and Usage” in Settings.
After digging deep into iOS 5 operating system, chpwn discovered that the Carrier IQ keylogger is run from a daemon under different name: /usr/bin/awd_ice3. In iOS 4, /usr/bin/awd_ice2 and in iOS 3 Carrier IQ is run from /usr/bin/IQAgent. DIY minded users or devs can view these files using iFile or extract on a jailbroken iPhone.
But unlike in Android OS, daemons in iPhone OS doesn’t have any access or communication with the UI layer, where text entry is done, confirmed chpwn. That means that iOS wouldn’t be logging your login credentials and sensitive information such as passwords, emails, SMS messages, browsing history etc.
It appears that CarrierIQ only log some of the basic information like your name, phone number, carrier information, active phone call details (not what number was dialed or it was received from), and your location (if Location Services are enabled).
But the best part is that Apple has provided you full control to enable or disable Carrier IQ via Diagnostic Mode. We would suggest you to immediately it turn-off via Settings.app, if you haven’t already. Navigate through Settings > General > About > Diagnostics & Usage to turn-off Carrier IQ rootkit Via [chpwn]