Android 15 could protect you from rogue ‘Stingray’ tracking devices

When you use your smartphone to send text messages or make calls, you need to trust that your carrier isn’t spying on your communications. But what if the mobile phone network your phone is connected to isn’t actually your carrier’s, but a malicious third party’s? It is a device called “. Because Stingray mimics cellular networks, it can trick mobile devices into connecting, collect the device’s unique ID for tracking purposes, or switch the device to an insecure connection to intercept text messages and calls. can. To protect you from these types of attacks, Google has added new security features to Android 15 that protect you from mobile phone networks that collect your device’s unique ID or use an insecure connection. Issue a warning.

Like a real cell phone tower, Stingray collects a device’s International Mobile Subscriber ID (IMSI) and International Mobile Station Equipment ID (IMEI). These are two unique identifiers that identify the device’s SIM and the device itself, respectively. IMSI or IMEI allows Stingray operators to identify and target specific devices for analysis. It also attempts to force devices to connect using outdated or unencrypted protocols, making it easy to intercept communications.

Stingrays are popular among law enforcement agencies because they can covertly collect data from criminal suspects, but they are also used by malicious state actors to spy on journalists. Additionally, personal privacy is also at risk, as there are few safeguards for personal privacy. That’s why Google has been working on updates to Android that prevent devices from sending text and voice data over outdated or unencrypted protocols.

For example, in Android 12, Google added support for disabling 2G connectivity at the modem level. Google followed this up with Android 14 by adding support for disabling connections that use cellular null ciphers, a form of unencrypted communication. According to Google, using null ciphers on commercial cell phone networks puts users at risk by exposing their voice and their SMS traffic to “easy wireless interception.” The company also says there are commercial Stingrays that can trick devices into downgrading their connections to null encryption, allowing them to intercept traffic.

Android 14 introduced the ability to disable cellular null cipher support at the modem level, but this feature requires modem vendor support and is not available on all devices. Also, the user must be aware of the existence of this feature, which is currently embedded under his SIM settings on supported devices. To better protect users, Android 15 can proactively warn users when a network has recorded his IMSI or IMEI of a device, and when a network attempts to change the encryption algorithm.

In the latest Android 15 Developer Preview 2 release, we discovered a string related to the notification that appears when a device ID is accessed. This notification tells the user that the network has “recorded her device unique identifier (IMSI)” X times within a certain period of time.

Android 15 allows a device’s unique identifier to be disclosed only when accessed on a selected device. The device must have a modem that supports the new Cellular Identifier Disclosure Transparency Hardware Abstraction Layer (HAL) API in Android 15. These hardware APIs allow the modem to notify the OS when the network requests his IMEI or IMSI for the device, or when the network uses a new encryption algorithm for voice, signaling, or data connection attempts. can. The OS then sends the aforementioned notification to the user, revealing that the network has accessed the user’s device’s unique ID or is attempting to downgrade it to an insecure connection.

Cellular transparency is currently disabled by default in Android 15, but the OS may send a notification asking users to check their Cellular Network Security settings. Tapping this button will take the user to the next new page. [設定]>[セキュリティとプライバシー]>[セキュリティとプライバシーの詳細]. This page includes a toggle to disable or enable security notifications that notify the user that his IMSI or IMEI of the device has been accessed. This page may also include a toggle to Require Encryption, which disables null encrypted connections at the modem level for supported devices.

We don’t know exactly which devices will support this cellular transparency feature or when it will be released, but the feature could arrive as early as Android 15 Beta 1.