Adamya Sharma / Android Authority
TL;DR
- Android 15 will warn you while you’re linked to an insecure community or when one tries to report your system’s ID, similar to when linked to a “stingray” system.
- A stingray is a malicious digital system that mimics a mobile community so it may trick your cellphone into connecting to it.
- Stingrays accumulate your system’s distinctive identifier and attempt to intercept your textual content messages and cellphone calls.
If you use your smartphone to ship a textual content message or make a cellphone name, you need to belief that your provider isn’t snooping in your communications. However what if the mobile community your cellphone is linked to doesn’t really belong to your provider however as a substitute a malicious third get together? That’s what units referred to as “stingrays” reap the benefits of. A stingray mimics a mobile community, so it may trick your cellular system into connecting to it, permitting it to gather your system’s distinctive ID for monitoring functions or to modify your system to an insecure connection to intercept texts and calls. To guard customers from these sorts of assaults, Google is including new safety features in Android 15 that can warn you when a mobile community collects your system’s distinctive ID or is utilizing an insecure connection.
Like an actual cell tower, stingrays accumulate your system’s Worldwide Cell Subscriber Identification (IMSI) and Worldwide Cell Station Tools Identification (IMEI), two distinctive identifiers that respectively determine your system’s SIM and the system itself. Utilizing the IMSI or IMEI, the operators of a stingray can determine and goal your specific system for evaluation. They will additionally attempt to pressure your system to connect with it utilizing an older or unencrypted protocol, making it trivial for them to intercept your communications.
Stingrays are fashionable amongst regulation enforcement companies as a result of they permit for the covert assortment of knowledge from felony suspects, however they’ve additionally been utilized by malicious state actors to spy on journalists. Plus, in addition they put particular person privateness in danger as a result of there are few safeguards in opposition to them. That’s why Google has been engaged on updating Android to forestall units from sending textual content or voice information over older or unencrypted protocols.
In Android 12, for instance, Google added assist for disabling 2G connectivity on the modem degree. Google adopted up in Android 14 by including assist for disabling connections that use mobile null ciphers, a type of unencrypted communication. In line with Google, the utilization of null ciphers in business mobile networks places customers in danger as a result of they expose person voice and SMS visitors to “trivial over-the-air interception.” The corporate additionally says that business stingrays exist that may trick units into downgrading their connection to a null cipher, thus enabling their visitors to be intercepted.
Supply: Mobile Radio “Null Ciphers” & Android by Yomna Nasser
Whereas Android 14 launched a function for disabling assist for mobile null ciphers at a modem degree, the function isn’t obtainable on all units as a result of it requires assist from the modem vendor. Additionally, the person wants to pay attention to the function’s existence, which is at present buried below SIM settings on supported units. To higher defend customers, Android 15 can proactively alert the person when a community data their system’s IMSI or IMEI in addition to when the community makes an attempt to alter the ciphering algorithm.
Within the newest Android 15 Developer Preview 2 launch, I found strings that pertain to a notification that may seem when a tool identifier has been accessed. This notification tells the person {that a} community “recorded your system’s distinctive identifier (IMSI)” X variety of occasions in a sure interval.
Code
<string identify="scIdentifierDisclosureIssueSummary">"A community on the %4$s connection recorded your system's distinctive identifier (IMSI) %1$d occasions within the interval between %2$tr and %3$tr."</string>
<string identify="scIdentifierDisclosureIssueTitle">System identifier accessed</string>
Android 15 will solely have the ability to disclose when your system’s distinctive identifier has been accessed on choose units. Units might want to have a modem that helps Android 15’s new Mobile Identifier Disclosure Transparency {hardware} abstraction layer (HAL) APIs. These {hardware} APIs permit the modem to tell the OS when the community requests the system’s IMEI or IMSI or when the community makes use of a brand new ciphering algorithm for a voice, signaling, or information connection try. The OS can then ship the aforementioned notification to the person, disclosing that the community accessed their system’s distinctive ID or is making an attempt to downgrade them to an insecure connection.
The mobile transparency function is at present disabled by default in Android 15, however the OS might ship out a notification asking the person to assessment their “mobile community safety” settings. Tapping this button will take the person to a brand new web page below Settings > Safety & Privateness > Extra safety & privateness. This web page will include a toggle to disable or allow the safety notification that informs the person that their system’s IMSI or IMEI has been accessed. The web page may even probably embody a toggle to “require encryption,” which can disable null ciphered connections on the modem degree on supported units.
Code
<string identify="scCellularNetworkSecuritySummary">Assessment settings</string>
<string identify="scCellularNetworkSecurityTitle">Mobile community safety</string>
I’m unsure precisely which units will assist this mobile transparency function or when it’ll launch, however we might see it in Android 15 Beta 1 on the earliest.