Android 16 can warn smartphone users of possible eavesdropping attacks in future
New security setting in Android 16 warns of IMSI catchers and unencrypted connections. However, no smartphone modem supports the function yet.
Android 16
(Image: Bangla press/Shuttertstock.com)
Smartphones are now ubiquitous and contain a wealth of personal data, making them a popular target for government surveillance and malicious actors. They could use fake mobile cells and stations for this purpose, but the new Android version should be able to prevent this kind of espionage in the future. However, no smartphone yet has a modem that supports this function, so it will only be available on future generations of cell phones, probably later this year.
So-called mobile simulators can trick smartphones into connecting to them if they send a stronger signal than normal mobile networks, for example. This is particularly possible with weak connections, when the cell phone falls back to 2G connections to stay connected. Even police authorities are equipped with such mobile phone simulators, which are often called “Stingrays” after the name of a frequently used device.
Attackers can use such a fake mobile connection to find out the location of the device, read the International Mobile Subscriber Identity (IMSI) like an IMSI catcher and even intercept calls or messages, as 2G connections lack current encryption standards. This is hardly or not at all apparent to the user. However, 2G can already be switched off on Android smartphones to prevent such misuse.
Warning messages for suspicious networks
Google is going one step further with an update for Android 16. According to the recently updated developer notes, “Mobile network security” has been introduced as a new function in the security center of the mobile operating system settings. Notifications can be activated there if the smartphone connects to an unencrypted mobile network or if the network wants to read device IDs such as the IMSI or IMEI. In these cases, the user receives corresponding warning messages, as device IDs are usually rarely or never exchanged with the network.
Android 16: Sicherheit des Mobilfunknetzes (3 Bilder)
However, this Android 16 function requires the smartphone's modem to support Google's “IRadio” hardware layer in version 3.0. This is not yet the case on any device, so the new function is not yet displayed in the Android settings. Only new smartphones are likely to support this new security function. It can be assumed that Google's Pixel 10 will be the first device to offer this. This generation of smartphones is expected in late summer or fall.
Videos by heise
(fds)
