EFF: Your Phone Is Vulnerable Because of 2G, But it Doesn't Have to Be

Your Phone Is Vulnerable Because of 2G, But it Doesn't Have to Be

Security researchers have been talking about the vulnerabilities in 2G for years. 2G technology, which at one point underpinned the entire cellular communications network, is widely known to be vulnerable to eavesdropping and spoofing. But even though its insecurities are well-known and it has quickly become archaic, many people still rely on it as the main mobile technology, especially in rural areas. Even as carriers start rolling out the fifth generation of mobile communications, known as 5G, 2G technology is still supported by modern smartphones.

The manufacturers of operating systems for smartphones (e.g. Apple, Google, and Samsung)  are in the perfect position to solve this problem by allowing users to switch off 2G.

What is 2G and why is it vulnerable?

2G is the second generation of mobile communications, created in 1991. It’s an old technology that at the time did not consider certain risk scenarios to protect its users. As years have gone, many vulnerabilities have been discovered in 2G and it’s companion SS7.

The primary problem with 2G stems from two facts. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and your phone will never be the wiser. 

Cell-site simulators sometimes work this way. They can exploit security flaws in 2G in order to intercept your communications. Even though many of the security flaws in 2G have been fixed in 4G, more advanced cell-site simulators can take advantage of remaining flaws to downgrade your connection to 2G, making your phone susceptible to the above attacks. This makes every user vulnerable—from journalists and activists to medical professionals, government officials, and law enforcement.

How do we fix it?

3G, 4G, and 5G deployments fix the worst vulnerabilities in 2G that allow for cell-site simulators to eavesdrop on SMS text messages and phone calls (though there are still some vulnerabilities left to fix). Unfortunately, many people worldwide still depend on 2G networks. Therefore, brand-new, top-of-the-line phones on the market today—such as Samsung Galaxy, Google Pixel, and the iPhone 11—still support 2G technology. And the vast majority of these smartphones don’t give users any way to switch off 2G support.  That means these modern 3G and 4G phones are still vulnerable to being downgraded to 2G.

The simplest solution for users is to use encrypted messaging such as Signal whenever possible. But a better solution would be to be able to switch 2G off entirely so the connection can’t be downgraded. Unfortunately, this is not an option in iPhones or most Android Phones.

Apple, Google, and Samsung should allow users to choose to switch 2G off in order to better protect ourselves. Ideally, smartphone OS makers would block 2G by default and allow users to turn it back on if they need it for connectivity in a remote area. Either way, with this simple action, Apple, Google, and Samsung could protect millions of their users from the worst harms of cell-site simulators.


Comments

Popular posts from this blog

EFF: No Digital Surveillance of Iranians at the U.S. Border—or Within the U.S.

EFF: Corporate Speech Police Are Not the Answer to Online Hate

Living on the (IT) Edge: Schneider Electric at HPE Discover 2018