2G security flaws remain problematic…regardless of your smartphone

While Google recently added an option to disable unsecured 2G connectivity on Android smartphones, the Electronic Frontier Foundation (EFF), a digital civil liberties advocacy group, is calling on Apple to do the same on iOS. For the NGO, the game is well worth the effort given the security risks 2G poses to iPhone users.

The first digital cellular network standard that emerged in the early 1990s when Nokia still dominated mobile telephony, 2G still has many “holes in its racket” today. As the EFF points out, this can be explained by the fact that 2G was developed when standards bodies had not taken into account new threats to mobile networks.

“2G has two main problems. First, it uses weak encryption between the tower and the device, which an attacker can crack in real time to intercept calls or text messages. In fact, the attacker can do this passively without transmitting a single packet. “The second problem with 2G is that there is no authentication of the tower against the phone, which means that anyone can impersonate a real 2G tower and a phone that uses the 2G protocol will never know. »

A cumbersome IMSI

Exploiting IMSI (International Mobile Subscriber Identity), the hackers’ practice of spoofing base stations has been used by law enforcement and other actors around the world to intercept mobile phone traffic and location data by forcing devices with 2G modems to connect to 2G surveillance devices. . Although newer standards like 3G, 4G, and 5G are designed to protect against this attack, newer IMSI sensors can be used in so-called downgrade attacks since mobile modems still support 2G.

“This makes all users vulnerable, from journalists and activists to medical professionals, public officials and even law enforcement,” warns the EFF. The new setting to disable 2G is available on newer Android phones. On Google Pixel, it can be changed via Settings > Network and Internet > SIM > Allow 2G, where there is an option to disable 2G. However, it is enabled by default to support emergency calls. Therefore, users need to disable it manually.

The new settings may not be available on older Android devices and may only be available on newer Samsung phones with a different name. Google introduced the option to disable 2G in Android 12, but since it was implemented in the radio’s hardware abstraction layer (HAL), it is only available on Android devices that have implemented this version. HALs sit between Android and the hardware driver and are not updated frequently.

Apple following in Google’s footsteps?

Google explains in the Android 12 patch notes that the switch to disable 2G is part of HAL Radio 1.6, and while the switch is enabled by default, carriers can disable the feature when running. “Device manufacturers must ensure that all networks are available during emergency calls,” adds Google.

While carriers in North America, South Korea, Japan, and Taiwan have already disabled 2G networks, many networks in Europe will support 2G until 2025, and in some cases even after they disable 3G, according to EMnify, a specialist company. in Internet of things cellular. (Internet of Things).

The EFF calls on Google, Apple and Samsung to improve the availability of options to disable 2G for the user. “We are very pleased with the steps Google has taken here to protect users from 2G vulnerabilities, and while there is still a lot of work to be done, this will ensure that many people can finally receive a basic level of protection,” says the EFF. . . “We strongly encourage Google, Apple and Samsung to invest more resources in radio security so they can better protect smartphone owners. »

Source: .com

Woodmart Theme Nulled, WP Reset Pro, Newspaper 11.2, Newspaper – News & WooCommerce WordPress Theme, Premium Addons for Elementor, Rank Math Seo Pro Weadown, WeaPlay, WordPress Theme, Plugins, PHP Script, Jannah Nulled, Elementor Pro Weadown, Woocommerce Custom Product Ad, Business Consulting Nulled, Jnews 8.1.0 Nulled, Avada 7.4 Nulled, Nulledfire, Dokan Pro Nulled, Yoast Nulled, Flatsome Nulled, PW WooCommerce Gift Cards Pro Nulled, Astra Pro Nulled, Woodmart Theme Nulled, Slider Revolution Nulled, Wordfence Premium Nulled, Elementor Pro Weadown, Wpml Nulled, Consulting 6.1.4 Nulled, Fs Poster Plugin Nulled

Back to top button