If you're running an Android phone open settings > Network & Internet > Internet > click on your network (e.g. Google Fi) > turn on 2G network protection (at the bottom).
Alternatively: Security & privacy > Advanced Protection > Device protection. That does other stuff too though
I'm not aware of a way to do this on iPhones...
I'm not an expert, but my understanding is that many of these attacks work by performing 2G downgrading.
A quick search suggests Lockdown mode might do it, which is corroborated by their support docs. It also does a bunch of other things that will probably degrade most users' experience, for what it's worth. https://support.apple.com/en-us/105120
> Wireless connectivity: Your device won't automatically join non-secure Wi-Fi networks and will disconnect from a non-secure Wi-Fi network when you turn on Lockdown Mode. 2G and 3G cellular support is turned off for iPhone and iPad.
(Instructions to enable it are on the linked page.)
But also WTF Apple... I appreciate that this mode exists but each of those things should be allowed to be toggled independently. People need more fine grained experience.
For things that I think will affect people more than the wireless connectivity
Messages: Most message attachment types are blocked, other than certain images, video, and audio. Some features, such as links and link previews, are unavailable.
FaceTime: Incoming FaceTime calls are blocked unless you have previously called that person or contact within the past 30 days. Features such as SharePlay and Live Photos are unavailable.
I swear... Apple really does not want to make privacy and security convenient for users. It's as if (...) they want to provide the tools to say they have the best security but then make the UX so poor that no one will end up using them (and then they can justify not developing more because "nobody uses them")
Better way to protect yourself is to get rid of Android's Google Play services.
Install a mod like GrapheneOS or LineageOS and use F-droid to get your apps.
Install Molly, the FOSS Signal client.
Don't use WhatsApp, don't use Telegram, don't use Meta apps, don't use TikTok, don't use Snapchat.
Install EFFs Rayhunter App.
Install a Bluetooth beacon tracker protection app like AirGuard.
Use a firewall app like NetGuard to protect leaking traffic.
Always remember, a device has an IMEI associated with its modem, there is no point to switch SIM cards if they're tracking you. Phones with no removable battery are always on, even when they're off, and will react to Silent SMS (class 0) that are stealthy pings that can track you. Especially iOS devices are always trackable, even in Airplane mode or when they're turned "off".
Buy used hardware from eBay, check LineageOS wiki for compatibility.
Is there a reason why Google and Apple wouldn't turn 2G downgrade off by default? Even the setting itself says "emergency calls over 2G are still allowed" so what is the reasoning behind leaving people exposed to this?
My recent experience when roaming was that calls only worked on 2G even though 4G and 5G were avaliable. After a call, phone would sometimes stay stuck on 2G which meant internet was not working. I had to disable 2G to force the phone to switch to 5G. But if I forgot to enable 2G again, calls didn't work. I checked this with multiple people and they all had the same issue.
This is totally speculative but I bet 2G is more reliable and has longer range. If your reception is bad, it may be necessary to downgrade to get any connection at all.
For what it’s worth, the authors note that since this is installed on a phone, by the time CellGuard has detected a rogue base station, it’s too late anyway.
Hmm, says it works with the Pinephone and Pinephone Pro too, which are very portable, and are just generally devices many more would consider useful (I've thought about buying one at least, just for the open-source-ness of it)
Lawful interception requires things like paperwork, warrants, probably cause, and some kind of reason why you need to tap cellular comms in the first place. If you're operating a deportation agency in the style of roaming gangs of officers, you're probably not going to want to wait for the courts to dismiss your brute-force attempts to find illegals behind every door you break down.
The anti-2G security measure is pretty much exclusive to a few high-end phones as far as I can tell. iPhones can enable it with lockdown mode (which also disables things like JIT and can make websites and app run slower), Google has added a toggle, and I think a few other manufacturers have it too, but you need support in the modem firmware to actually do anything with it.
Even then, 3G and 4G can also leak identifiers if you can fake being a base station. The identifiers are not as easy to obtain as on 2G, but there's a reason 5G added a masking feature to LTE. Especially combined with access to an SS7 capable line, you can pretty much replicate all of the 2G hacks with cellular tech at least up to 4G, maybe even newer than that.
Cellular firmware protection mechanisms seem to be targeting 2G exploitation so far. It'd be extremely unpractical (and probably impossible) to enforce some kind of "5G NR only" mode, but without such a mode you're going to be at risk of Stingray-like devices.
> Lawful interception requires things like paperwork, warrants, probably cause, and some kind of reason why you need to tap cellular comms in the first place.
In case folks hadn't been paying attention, probable cause isn't even worth their trouble when arresting someone these days.
> “DHS law enforcement uses ‘reasonable suspicion’ to make arrests,” DHS Assistant Secretary Tricia McLaughlin said in a statement to The Associated Press
Lawful interception requires things like paperwork, warrants, probably cause
Technically yes but there are back-room agreements to bypass this. I used to have warrants on my desk to set up call tracing in the 90's and eventually I was told to not require them any more and just leave test system and modems enabled logging disabled so agents could set up their own call tracing. The people I worked for had no skin in the game as they were all from the EU. I would be very surprised if this was no longer a thing. If anything I would expect it to be much simpler and more stream-lined by now, probably some HTTPS API end-point and some app on their phone.
In fairness to the agents some things are time sensitive like kidnappings / abductions. Provided logging is not disabled I think it is fine they have real time access if someone actually audits the logs and matches them up to incidents much like license plate queries by cops are supposed to be audited.
> Why aren't they using the official lawful interception interfaces?
They may not want to leave a paper trail.
“To obtain a [legal] wiretap order, law enforcement must demonstrate probable cause to a judge” [1]. Given ICE has been arresting Americans, they probably aren’t bothering with cause. Legal intercepts also require “minimization procedures to limit the interception of conversations unrelated to the investigation,” which ICE may not want to do. And perhaps most importantly, “violations of 18 U.S.C. § 2511 are considered federal felonies,” with those convicted facing criminal penalties and being subject to civil liability.
I hate to make this analogy, but it’s akin to the Gestapo’s NBH obsession. They knew they were acting illegally, and didn’t want to leave the evidence that would convict them.
Trump's bill allocated 170 billion dollars to ICE. That figure is greater than annual defense spending of every country in the world other than US and China. I believe it's spread over four years, so amortized over that time period it would have more budget than all but 12 countries in the world.
To put into perspective of how insanely huge this is, Trump is about to bail out US Farmers who have been hit by Trump's trade wars. How much? $10 billion.
That means trump is spending 17x the farm bailout on ICE. That's insanity.
Likely cataloging IMSIs and IMEIs which would not constitute a wiretap. I know from experience these circles are concerned about roving protestors and agitators.
These sort of metrics can also be used with commercially available RTB data if and when cases go to court. I'm about 90% certain they ARE NOT intercepting phone calls and I'm 80% certain they're not intercepting sms
Readit News
Alternatively: Security & privacy > Advanced Protection > Device protection. That does other stuff too though
I'm not aware of a way to do this on iPhones...
I'm not an expert, but my understanding is that many of these attacks work by performing 2G downgrading.
A quick search suggests Lockdown mode might do it, which is corroborated by their support docs. It also does a bunch of other things that will probably degrade most users' experience, for what it's worth. https://support.apple.com/en-us/105120
> Wireless connectivity: Your device won't automatically join non-secure Wi-Fi networks and will disconnect from a non-secure Wi-Fi network when you turn on Lockdown Mode. 2G and 3G cellular support is turned off for iPhone and iPad.
(Instructions to enable it are on the linked page.)
But also WTF Apple... I appreciate that this mode exists but each of those things should be allowed to be toggled independently. People need more fine grained experience.
For things that I think will affect people more than the wireless connectivity
I swear... Apple really does not want to make privacy and security convenient for users. It's as if (...) they want to provide the tools to say they have the best security but then make the UX so poor that no one will end up using them (and then they can justify not developing more because "nobody uses them")That would appear to cut 4G too though which is not great
Install a mod like GrapheneOS or LineageOS and use F-droid to get your apps.
Install Molly, the FOSS Signal client.
Don't use WhatsApp, don't use Telegram, don't use Meta apps, don't use TikTok, don't use Snapchat.
Install EFFs Rayhunter App.
Install a Bluetooth beacon tracker protection app like AirGuard.
Use a firewall app like NetGuard to protect leaking traffic.
Always remember, a device has an IMEI associated with its modem, there is no point to switch SIM cards if they're tracking you. Phones with no removable battery are always on, even when they're off, and will react to Silent SMS (class 0) that are stealthy pings that can track you. Especially iOS devices are always trackable, even in Airplane mode or when they're turned "off".
Buy used hardware from eBay, check LineageOS wiki for compatibility.
Stay safe.
https://github.com/EFForg/rayhunter
which pairs nicely with a
https://www.amazon.com/Orbic-Verizon-Hotspot-Connect-Enabled...
https://cellguard.seemoo.de/
It works on iOS devices without any extra hardware, even on non jailbroken devices, by analyzing baseband debug logs exported by the OS.
They will get all the data. Not only voice, data and SMS/RCS.
All modern smartphones (like Pixels) allow you to switch off 2G. They even warn if you want to activate it.
The anti-2G security measure is pretty much exclusive to a few high-end phones as far as I can tell. iPhones can enable it with lockdown mode (which also disables things like JIT and can make websites and app run slower), Google has added a toggle, and I think a few other manufacturers have it too, but you need support in the modem firmware to actually do anything with it.
Even then, 3G and 4G can also leak identifiers if you can fake being a base station. The identifiers are not as easy to obtain as on 2G, but there's a reason 5G added a masking feature to LTE. Especially combined with access to an SS7 capable line, you can pretty much replicate all of the 2G hacks with cellular tech at least up to 4G, maybe even newer than that.
Cellular firmware protection mechanisms seem to be targeting 2G exploitation so far. It'd be extremely unpractical (and probably impossible) to enforce some kind of "5G NR only" mode, but without such a mode you're going to be at risk of Stingray-like devices.
In case folks hadn't been paying attention, probable cause isn't even worth their trouble when arresting someone these days.
> “DHS law enforcement uses ‘reasonable suspicion’ to make arrests,” DHS Assistant Secretary Tricia McLaughlin said in a statement to The Associated Press
https://www.newsweek.com/trump-admin-race-baiting-lawsuit-wo...
Technically yes but there are back-room agreements to bypass this. I used to have warrants on my desk to set up call tracing in the 90's and eventually I was told to not require them any more and just leave test system and modems enabled logging disabled so agents could set up their own call tracing. The people I worked for had no skin in the game as they were all from the EU. I would be very surprised if this was no longer a thing. If anything I would expect it to be much simpler and more stream-lined by now, probably some HTTPS API end-point and some app on their phone.
In fairness to the agents some things are time sensitive like kidnappings / abductions. Provided logging is not disabled I think it is fine they have real time access if someone actually audits the logs and matches them up to incidents much like license plate queries by cops are supposed to be audited.
I've got it on my phone which I think is mid-market at best: moto g stylus 5g - 2023. Snapdragon 6 Gen 1. ~ $250 in 2023.
Probably for the same reason they're wearing masks
They may not want to leave a paper trail.
“To obtain a [legal] wiretap order, law enforcement must demonstrate probable cause to a judge” [1]. Given ICE has been arresting Americans, they probably aren’t bothering with cause. Legal intercepts also require “minimization procedures to limit the interception of conversations unrelated to the investigation,” which ICE may not want to do. And perhaps most importantly, “violations of 18 U.S.C. § 2511 are considered federal felonies,” with those convicted facing criminal penalties and being subject to civil liability.
I hate to make this analogy, but it’s akin to the Gestapo’s NBH obsession. They knew they were acting illegally, and didn’t want to leave the evidence that would convict them.
[1] https://legalclarity.org/what-is-wiretapping-and-when-is-it-...
This makes sense, considering the regime is hiring Jan 6th insurrectionists like Jared Wise. Legality has gone out the window.
Deleted Comment
That means trump is spending 17x the farm bailout on ICE. That's insanity.
That $10 bil is coming out of our pockets.
Dead Comment
Deleted Comment
These sort of metrics can also be used with commercially available RTB data if and when cases go to court. I'm about 90% certain they ARE NOT intercepting phone calls and I'm 80% certain they're not intercepting sms