Android 14 new security feature: IT administrators can now disable 2G networks

Android 14 new security feature: IT administrators can now disable 2G networks

Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks across their fleet of managed devices.

The search giant said it is introducing a second user setting to turn off support for air-encrypted cellular connections at the model level.

"The Android security model assumes that all networks are hostile to ensure that users are protected from network packet injection, tampering, or eavesdropping on user traffic," said Roger Piqueras Jover, Yomna Nasser, and Sudhi Herle.

"Android does not rely on link-layer encryption to address this threat model. Instead, Android specifies that all network traffic should be end-to-end encrypted (E2EE)."

2G networks, in particular, have weak encryption and lack mutual authentication, making them vulnerable to over-the-air interception and traffic decryption attacks by impersonating real 2G towers.

The threat posed by a malicious cell site means it could be exploited by malicious actors to intercept communication traffic, distribute malware, and launch Denial of Service (DoS) and Adversary in the Middle (AitM) attacks, causing surveillance issues.

In June 2020, Amnesty International revealed how a Moroccan journalist was targeted in a cyber injection attack, likely using fake cell phone towers to spread the Pegasus spyware.

Even worse, an adversary could potentially use advanced cell site simulators (aka Stingrays) to launch a stealthy downgrade attack that exploits the fact that all existing mobile devices still support 2G bands, forcing the phone to connect to a 2G network.

To address some of these issues, Google added the option to disable 2G at the modem level in Android 12 in early 2022. As the next logical step, the company is now implementing a new restriction to block a device’s capabilities from downgrading to a 2G connection.

The upcoming mobile OS also addresses the risk of null password (no encryption mode or GEA0) in commercial networks, which exposes user voice and SMS traffic, including one-time passwords (OTPs), to trivial network-in-flight interception attacks.

The revelation comes as Google said it would enable E2EE for RCS conversations by default in the Messages app for Android for new and existing users, though the company noted that some users may be asked to agree to the terms of service provided by their carrier network.

It also plans to add support for Message Layer Security (MLS) in the messaging app to enable interoperability with other messaging services.

Despite Google's attempts to publicly pressure Apple to adopt RCS, the iPhone maker appears content with iMessage encrypted messaging. It also has expressed no interest in releasing a version of iMessage for Android, forcing users who text between the two operating systems to switch to third-party messaging alternatives.


<<:  Apple releases iOS / iPadOS 17 third public beta

>>:  iOS 17 Beta 5 updated with multiple changes!

Recommend

A super detailed manual for Tik Tok live streaming!

When a novice anchor first starts live streaming,...

The invisible overlords on earth all have super survival abilities

If the Earth is likened to a huge dynasty, then h...

How much does it cost to customize a skin care product mini app in Hezhou?

According to industry insiders, mini programs wil...

Android devices accused of poor IPv6 support

[[137880]] Foreign media networkworld wrote that ...

2020 Marketing Trend Prediction

It seems that every year, articles reviewing mark...

3 experiences I have to share after 1 month of new media internship

Before joining the company, I was unprepared, so ...

China becomes Cadillac's largest single market for the first time

With Cadillac's rapid growth in China over th...

How many "different worlds" can a mountain separate?

The mountains stretch north and south It created ...

Technology Morning News | Russia plans to build a new anti-missile defense "shield"

【Today’s cover】 On the 23rd, at the Miaoshanzhai ...