this post was submitted on 02 Sep 2025

104 points (97.3% liked)

Cybersecurity

8271 readers

10 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

104

My Pixel 10 warned me 8 times in 30-minutes that there was a rogue connection made. Deeply concerning (feddit.online)

submitted 6 days ago by Jerry@feddit.online to c/cybersecurity@sh.itjust.works

64 comments fedilink hide all child comments

I have a #Pixel 10 Pro XL phone, which may be the first phone to give warnings when the phone connects to a rogue cellphone tower or IMSI catcher. The OS cannot block it; it can only tell you that someone read information, and it presents an alert. It says,

"Your data may be at risk. Device ID accessed. At 6:57 PM a nearby network recorded your device's unique ID (IMSI or IMEI) while using your T-Mobile SIM. This means that your location, activity, or identity has been logged."

I didn't ever get an alert before walking through the building, but this time, during a 30-minute walk through the building, I got about 8 alerts, ranging between 1 and 3 minutes apart.

Using this information from repeated connections, someone can follow my movements and location; they can identify it's me because the IMSI number is unique to my phone, so it can be an indication that someone was collecting all the cellphone information in the area, most likely law enforcement.

It can also mean that I was connecting to a rogue cell phone tower, not just an IMSI catcher, and it was an attempted Stingray attack, likely also law enforcement. If successful, they can try to see and hear what I'm doing on my phone, as my phone won't know that it's a fake cellphone tower.

Be aware that a rogue tower will try to negotiate your phone's connection down to a 2G connection, which is unencrypted, providing them with access to everything that you are doing and saying. Please go into your phone's settings and disable 2G!!

It's been believed for some time that this technology has been used by law enforcement secretly and consistently. This is creepy and unnerving.

Turning off the phone, by the way, doesn't stop an IMSI catcher. Your phone still responds. You need to keep the phone in a Faraday bag if you're really concerned.

It's a good thing that phones are now starting to inform people that they are being watched and that people will begin to see how much of an issue this is. You can assume that your local law enforcement knows where you are all the time.

top 50 comments

sorted by: hot top controversial new old

[–] y0din@lemmy.world 30 points 6 days ago (1 children)

It could also be something less alarming, like cellular repeaters inside the building. Many buildings use these to boost indoor coverage when concrete and steel block signals from outside towers, and that might explain why your phone flagged multiple connections so quickly. I’m not ruling out the possibility of a rogue tower or IMSI catcher, but it’s worth considering that the alerts could simply be repeaters being picked up by this new warning feature. Either way, it’s good that your phone is making you aware — at least now you know when unusual connections happen.

[–] Jerry@feddit.online 4 points 6 days ago (1 children)

A cell phone repeater is a passive device. It just extends the range of an existing signal. They don't act as cell towers. They don't read information from the phone.

[–] y0din@lemmy.world 7 points 5 days ago* (last edited 5 days ago)

That’s true for some types of signal boosters, especially the simple passive ones. But many building systems aren’t just passive repeaters — they use distributed antenna systems (DAS) or active repeaters that re-broadcast the signal from outside towers. From the phone’s perspective, those can sometimes look like a new connection point, even though they’re not rogue towers reading data.

So while your point is absolutely right that a normal repeater doesn’t act as a tower or capture phone info, the way modern indoor coverage solutions are implemented can still trigger the same kinds of warnings. That’s why it can be hard to tell apart a harmless booster from something more suspicious.

More information about DAS systems and cellular repeaters, and how they differ, if you’re interested:

🔗 https://en.m.wikipedia.org/wiki/Distributed_antenna_system

🔗 https://en.m.wikipedia.org/wiki/Cellular_repeater

(edit, added Wikipedia links)

[–] Deebster@infosec.pub 18 points 6 days ago* (last edited 6 days ago) (2 children)

If you switch off 2G, bear in mind that it might be your only option to send emergency calls when otherwise out of signal. Remembering how to switch it back on (or even that you'd switched it off) might not be feasible when you need it!

edit: phone typos

[–] Jerry@feddit.online 13 points 6 days ago (1 children)

According to the documentation, turning off 2G will not block emergency calls. But, yeah, having said this, definitely, it's best to remember how to switch it back on, just in case.

[–] jewbacca117@lemmy.world 9 points 6 days ago (1 children)

Can confirm. The Setting on my Pixel 7 says "Emergency calling is always allowed"

[–] WhyIHateTheInternet@lemmy.world 7 points 6 days ago (1 children)

I'm illiterate to these things sort of... So don't harangue me for this but doesn't that imply that the connection is always on wether you disabled it or not? Would not outgoing imply incoming as well?

Just curious, again, I have no idea.

[–] jewbacca117@lemmy.world 6 points 6 days ago

As I understand your phone will ignore 2G requests unless it's an emergency call. Now, you mentioned these suspicious towers will try to downgrade to 2G, which should also be ignored.

[–] spaghettiwestern@sh.itjust.works 8 points 6 days ago (1 children)

US carriers have supposedly decommissioned 2G completely as of February of this year according to Google:

Carrier shutdowns: All major U.S. carriers have shut down their 2G networks. AT&T completed its shutdown in 2017, Verizon in 2020, and T-Mobile (the last major holdout) by early 2025.

[–] Onomatopoeia@lemmy.cafe 8 points 6 days ago (1 children)

2G is shutdown for consumers, it still exists for commercial systems that use it for data reporting (thing gas lines, remote monitoring systems, etc).

Now I don't know what that means for our phones, or which towers still have it. I suspect any consumer phone will simply never be able to connect via 2G,but the tower would still see the phone on 2G.

[–] spaghettiwestern@sh.itjust.works 2 points 6 days ago (1 children)

A few years ago someone I knew at T-Mobile said they could no longer get replacement parts for 2G equipment. If it's still up and running I wonder how it's being maintained? Or maybe he was misinformed.

[–] JWBananas@lemmy.world 6 points 6 days ago

That's hilarious. No major facilities-based mobile network provider in the US has used physical 2G hardware for many years.

Everything was converted to software-defined remote radio heads long ago. The RRHs get mounted up in the air directly behind the antenna element arrays. The same RRHs that power LTE RANs can do GSM just fine.

GSM is computationally and spectrally an afterthought. They literally shove it into the guard bands at the far edges of the PCS LTE carrier.

[–] Kolanaki@pawb.social 14 points 6 days ago* (last edited 6 days ago) (1 children)

It tries to force you down to 2G

Oh shit... Could this be why my phone seemingly randomly switches to 2G/LTE? It always seems to happen in the same places, and never for more than a minute or two.

[–] sunzu2@thebrainbin.org 5 points 6 days ago

No way to tell but the best practice is to keep your phone LTE or 5g only.

I had a discussion recently on here about it.

My understanding is LTE is best since it can't be used to exact positioning and saves battery.

However apparently it has its own security vulnerability that 5g fixed. However 5g can literally expose your special position.

Either way never prrmits 2g/3g that's just fish bowling.

[–] thegr8goldfish@startrek.website 13 points 6 days ago (1 children)

Found and updated the avoid 2g setting on my Pixel 6. I am running android 16.

[–] boatswain@infosec.pub 8 points 6 days ago (3 children)

Where was it? Haven't find it on mine

[–] ArcaneSlime@lemmy.dbzer0.com 9 points 6 days ago (1 children)

Network and internet>internet>settings button next to carrier>scroll to bottom

[–] boatswain@infosec.pub 4 points 6 days ago

Thanks!

[–] dgilbert@lemmy.ca 3 points 6 days ago

For me it was in my SIM card settings: Network & Internet > SIMs > .

Bottom option was a toggle for "2G network protection".

[–] jbk@discuss.tchncs.de 2 points 6 days ago (1 children)

I think this change needs hardware-specific code changes, so not every device upgraded to Android 15 or newer will have that

[–] boatswain@infosec.pub 3 points 6 days ago

I am aware, but the person I'm replying to mentioned a specific device, which I also have.

[–] lurch@sh.itjust.works 6 points 6 days ago (4 children)

IMSI catchers / rogue cell towers do not work with switched off phones or in airplane mode. Source: https://shop.mobilen.com/everything-you-need-to-know-about-imsi-catcher-detector/

load more comments (4 replies)

[–] frank@sopuli.xyz 7 points 6 days ago (1 children)

Turning off the phone doesn't stop it? How does it reply?

I'm assuming pulling my (Fairphone) battery out would kill it dead?

Creeeeeeepy

[–] lurch@sh.itjust.works 4 points 6 days ago (1 children)

It does not reply. It doesn't work when off or in airplane mode.

[–] Jerry@feddit.online 2 points 5 days ago

Edward Snowden claims the NSA knows how to do it.

https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf

[–] Chozo@fedia.io 8 points 6 days ago (5 children)

That's fucking creepy, and I've got a feeling that we're going to see a lot more of this going forward, too.

Are there any known ways to detect or interfere with Stingray devices? I know that in the US, police often use these devices illegally, without the necessary warrants, so sabotaging these devices is a just and moral decision.

[–] Jerry@feddit.online 6 points 6 days ago

In the U.S. it's illegal to do anything that would interfere with these devices because it also cuts off emergency services. Sort of like using a hospital to store weapons during a war?

load more comments (4 replies)

[–] peoplebeproblems@midwest.social 5 points 6 days ago

Even better, that means we can locate them.

[–] lurch@sh.itjust.works 4 points 6 days ago (1 children)

they only know your phone is there, not that it's you. they also need to triangulate your position to know it more exactly than "it's in range", which requires special hardware with an extra antenna

[–] Jerry@feddit.online 4 points 6 days ago

They can triangulate from the 8 readings that they did and know my location. They also know it's T-Mobile and they can subpoena T-Mobile and Google to get the information (the IMSI code will identify the dealer) to identify who bought the phone and what phone account pays for the service.

[–] Corkyskog@sh.itjust.works 6 points 6 days ago (7 children)

I don't seem to be able to even disable it on this phone.

[–] x1gma@lemmy.world 4 points 6 days ago

https://github.com/undergroundwires/privacy.sexy/discussions/359

The setting toggle seems to be available since Android 12, but not all vendors seem to have implemented it. There are instructions in the linked GitHub issue that seem sane.

load more comments (6 replies)

[–] Kirk@startrek.website 5 points 6 days ago (1 children)

What app is providing this service for you?

[–] Jerry@feddit.online 9 points 6 days ago (2 children)

It's a new feature in Android 16, but older phones don't have the hardware to support it.

load more comments (2 replies)

[–] sunzu2@thebrainbin.org 4 points 6 days ago (1 children)

Is this a new feature?

Is it coming to android 16?

[–] Jerry@feddit.online 9 points 6 days ago (1 children)

It's in Android 16 for the first time, which is what the Pixel 10 ships with, but older phones don't have the hardware: https://www.androidcentral.com/apps-software/android-os/android-16-can-tip-you-off-if-someone-is-snooping-on-you-using-stingray-devices

[–] sunzu2@thebrainbin.org 4 points 6 days ago (9 children)

You’ll also be able to shut off 2G entirely, cutting off one of the easiest ways for snoops to get in.

Damn is this also a new feature?

I didn't realize stock won't permit this. Wtf

load more comments (9 replies)

load more comments