How is it possible that in 2026 we're not notified by default when we connect to a cell tower with no certificate so our communications is being broadcast into the air completely unencrypted?
5G added that with Subscription Concealed Identifier (SUCI), but it's still optional. Certificates also don't work because you need to be able to roam, and doing certificate management for every carrier on earth is fiendishly hard. Not to mention that it's not feasible to hide IMEI before authentication could begin, imagine hiding IP or MAC addresses before a connection can be established, for instance.
Certainly, there are other market forces at play. Certainly carriers refusing changes and refusing to let a 3rd party authority sign their certs.
Have they? The solution to IP addresses is basically "use a VPN", which you could do also on a phone. SNI leaks have been around since forever, and despite eSNI, still isn't close to being widely fixed. There's MAC address randomization, but only because LANs and wifi networks are basically an unregulated free for all, so spoofing doesn't really matter. It's far less viable with controlled access networks like cellular. Some countries even have regulations banning spoofing/changing IMEIs.
I think at least the former is intentional.
Cell encryption is not end-to-end, so even with cell signal encryption I'm susceptible to snooping by:
- the phone company
- the government if they serve the cell phone company with a warrant or other legal proceding
- malicious downstream actors
I'll use HTTPS for browsing to mitigate the damage of course, but even so without cell signal encryption, I'm susceptible to all of the above, plus any physically nearby actor can:
- see my text messages and possibly inject fake messages
- hear my phone calls
- see which IP addresses I'm communicating with (though not the contents of that communications if I'm encrypting with HTTPS)
- If app store security is inadequate or has flaws, they could force-feed me a malicious app disgused as an "update".
- I don't control the communications used by individual apps, so they can see any data passed in the clear, and trigger and exploit vulnerabilities in those apps via MITM.
So cell signal encryption helps a lot, though certainly it's not sufficient by itself.
The police may have to sometimes jump though a couple of rubber stamped hoops, or hand over stacks of taxpayer money to companies for access to their online law enforcement portals, but the government is already inside taking everything that passes through those companies, using hardware those companies have been forced to install and/or by the outright seizure and occupation of their private property. There's nothing constitutional about it, but this has been true for a very long time (https://en.wikipedia.org/wiki/Room_641A) and it's not going to change.
The harder and obvious it is, the better.
With phone interception, I can't imagine any other actor being sophisticated enough to bother with setting up the stringray thingy. Maybe something very targeted to get somebody very special (having a hot wallet with 20 bitcoins and going around the city with it comes to mind), but I would still expect the simplier methods there too.
Add: Even with the normal HTTP traffic, mitming was way more common and more practically exploitable back in the day, just by setting up a rogue wifi AP and fishing for passowrds. I'm not sure it was ever a thing with stringrays when non-government actors did something with them.
This is why you should always toggle the setting that disables 2g/3g fallback.
With 4G, for example, your device will refuse to connect fully unless the network can pass the cryptographic challenge that proves it shares the key material included in your SIM card (I know, I know, symmetric keys are not ideal). The best an attacker can hope to do in 4G+ is harvest your subscriber ID (IMSI) or deny you service while you are in range.
Edit: whatever the answer is, it needs to work when this pops up frequently, because it will.
They can go through the area, catch a whole bag of IMSIs and then.... what? What capability does it enable? Knowing when a certain person of interest shows up in a certain locality? Can't they get it from the phone company without a warrant anyways, just by asking nicely? If it's not targeted, what the data is even used for theoretically?
> software can only do so much. For these security features to work, your phone's modem has to be able to communicate with the Android OS in a very specific way
> Because of this hardware requirement, the full suite of these network security tools is currently exclusive to the Pixel 10 series
Like the notifications are nice, but they're not a Allow / Deny popup. When you get the popup your data could've been intercepted.
- 5G/4G/3G/2G (Auto Connect) - 4G/3G/2G (Auto Connect) - 3G/2G (Auto Connect) - 3G Only
Flagship Samsung from the last 3 years. I have to expose myself to 2G, despite no 2G towers being active in my country. We don't even have 3G anymore either.
Thankfully, my country is slow on that. I have some brick phones lying around for when I go in the field. The duration of the battery is like twice on 2g than on 3g on standby (Like two and half to five days; I haven't checked talking time). Granted, that might be phone specific, network specific, or something else specific, but when internet is not needed, I have more use for extra battery than extra security.
I know my government has 100% control over my telecomunications. It is a tradition in this country.