EFF praises Android’s new 2G switch and wants Apple to follow suit
The Electronic Frontier Foundation celebrates Google’s addition of a 2G kill switch in Android 12. The digital rights group has been campaigning against the outdated and insecure 2G cellular standard since 2020, and Android is the first mobile OS to heed the group’s advice and allow users to completely turn off 2G.
In the US, 2G carriers shut down years ago, and the 3G shutdown is already underway. However, the phones haven’t actually received the message and the modems are still trying to automatically connect to any nearby 2G signals. The problem is that 2G is very old, and it’s very much like connecting to a WEP-secured Wi-Fi hotspot – the security is outdated, so it’s easy to hack. If you’re in a country where legal use of 2G has long ceased, the standard only serves as an attack vector via fake cell towers, so why not just turn it off?
EFF explains the issues:
There are two main problems with 2G. First, it uses weak encryption between the tower and the device, which an attacker can hack into in real time to intercept calls or text messages. In fact, an attacker can do this passively without even transmitting a single packet. The second problem with 2G is that there is no tower authentication on the phone, which means anyone can easily impersonate a real 2G tower and a phone using the 2G protocol will never get wiser.
This does not mean that non-2G signals are “safe”. They are less secure, but you still should not trust the cellular network. It’s best to encrypt everything. This is generally the default for web communications, but depending on how your carrier and phone are configured, carrier services such as SMS and phone calls may be more vulnerable.
So why is 2G still enabled by default even though it’s clearly deprecated? The history of 2G varies greatly around the world. Cellular IoT company EMnify maintains an incredible global 2G phase-out list worth checking out. Some countries such as the US, Canada, Japan, South Korea and Taiwan have not been using 2G for some time now. However, Europe won’t kill 2G until 2025. Some countries in South America are keeping the standard until 2024, and some countries in Africa don’t have a planned 2G shutdown date at all.
Even if you’re in a country that still has 2G, you’ll probably want to turn it off. 2G doesn’t have the ability to send data at all, so it most likely only facilitates terrible analog voice calls and possibly SMS – if your carrier has the worst and most poorly maintained SMS system on Earth. There’s a good chance that dropping 2G won’t change anything about how your phone works, so give it a try.
Having taken care of Android, EFF now focuses on Apple. He campaigns on Twitter with a one-click tweet button: “Hey @Apple, 2G is outdated and insecure technology! Google just gave us the option to turn it off on our phones and now it’s your turn!”
How the 2G switch works on Android
This 2G kill switch is a new feature in Android 12, but which phones are actually getting it? As is common with Android, the answer is complex, and the transition is not for all Android 12 phones. As stated in the Android 12 release notes, the actual feature requirements are Android 12 and “Radio 1.6 HAL”.
This “hardware abstraction layer”radio is one of the Project Treble provider interfaces we talk about so much. Treble is a project that modularly separates OS from hardware support, making it easy to upgrade; this HAL is the interface between the OS and the hardware driver. Real HALs are rarely updated, so the best way to get a 2G kill switch is to buy a new Android phone with Android 12, not a phone that upgrades to Android 12.
But wait, this is Android, so carriers can get in the way too. As the release notes say, “Carriers may disable this feature at runtime.”With all the variables possible here, the only way to know if 2G shredding is supported is to open the settings and see. I can confirm the switch is on the Pixel 6 and EFF suggests checking out some of the newer Samsung phones.
If you want to disable 2G and have the normal settings layout, the toggle is in Settings > Network & Internet > SIM cards > Allow 2G. If your OEM has encrypted your Android settings for “differentiation”purposes, try searching for “2G”or digging through your cellular settings.
Leave a Reply