Last year Google quietly pushed a new feature to its Android operating system allowing users to optionally disable 2G at the modem level in their phones. This is a fantastic feature that will provide some protection from cell site simulators, an invasive police surveillance technology employed throughout the country. We applaud Google for implementing this much needed feature. Now Apple needs to implement this feature as well, for the safety of their customers.
What is 2G and why is it vulnerable? 2G is the second generation of mobile communications, created in 1991. It’s an old technology from a time when standards bodies did not account for certain risk scenarios such as rogue cell towers and the need for strong encryption. As years have gone by, many vulnerabilities have been discovered in 2G.
There are two main problems with 2G. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and a phone using the 2G protocol will never be the wiser.