• einkorn@feddit.org
    link
    fedilink
    arrow-up
    17
    ·
    1 day ago

    I assume it’s the same as the Internet (or more specifically HTTP): It wasn’t designed with security in mind.

    Unlike HTTP, for some reason it wasn’t included in a new specification, though. My guess is that’s because of the more centralized nature of cellular networks. The barrier for entry is a lot higher as well so there are few but big players who have little incentive to improve over the bare minimum.

    IIRC encryption was initially proposed to be part of 5G but got shot down in the process.

    • theshatterstone54@feddit.uk
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      1 day ago

      Wait, 5G isn’t encrypted? I think it does have some protections still. I mean, not that it would matter to me, they only use NR-NSA in my country so it isn’t even full 5G with all its advantages.

      At the risk of sounding like an AI-generated ad, I use an app called Privacy Cell on Fdroid, that confirmed there is no true 5G anywhere in my country. I just wish there was a way to differentiate between the two versions of 5G natively, kinda like 4G-LTE showing up as LTE instead of just 4G.

      • mkwt@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 day ago

        Encrypted data channels can still be vulnerable to man in the middle attacks. Like when you connect to an unknown host with SSH, and the client pops up a big warning.

        In this case, ICE or whomever sets up a “valid” cell tower that your phone connects to, and they (law enforcement) route your packets onto the rest of the Internet. They can decrypt the 5G data, and see all of the IP headers. They can’t necessarily read the TLS traffic, such as https. But most important of all, they can log all of the IMEIs that connect, which effectively gives them a database of all of the protestors.