Is something similar available in iOS? Apple's full control over the hardware and software should make it easier than in the Android ecosystem.
> software can only do so much. For these security features to work, your phone's modem has to be able to communicate with the Android OS in a very specific way
> Because of this hardware requirement, the full suite of these network security tools is currently exclusive to the Pixel 10 series
Many years ago browsers started alerting users to HTTP (vs HTTPS) connections and HTTPS sites using invalid or untrusted certificates.
How is it possible that in 2026 we're not notified by default when we connect to a cell tower with no certificate so our communications is being broadcast into the air completely unencrypted?
> the attacker can harvest device information and force your phone onto an older, unencrypted protocol.
This is why you should always toggle the setting that disables 2g/3g fallback.
With 4G, for example, your device will refuse to connect fully unless the network can pass the cryptographic challenge that proves it shares the key material included in your SIM card (I know, I know, symmetric keys are not ideal). The best an attacker can hope to do in 4G+ is harvest your subscriber ID (IMSI) or deny you service while you are in range.
In the US they disabled 2G. Other countries are doing the same.
Thankfully, my country is slow on that. I have some brick phones lying around for when I go in the field. The duration of the battery is like twice on 2g than on 3g on standby (Like two and half to five days; I haven't checked talking time). Granted, that might be phone specific, network specific, or something else specific, but when internet is not needed, I have more use for extra battery than extra security.
I know my government has 100% control over my telecomunications. It is a tradition in this country.
It’s wild that in 2026 we still aren’t notified about unencrypted connections by default. Learning that SUCI is optional and roaming makes certificate management so difficult was really eye-opening. Great read!
14 comments
[ 1.3 ms ] story [ 37.1 ms ] thread> software can only do so much. For these security features to work, your phone's modem has to be able to communicate with the Android OS in a very specific way
> Because of this hardware requirement, the full suite of these network security tools is currently exclusive to the Pixel 10 series
How is it possible that in 2026 we're not notified by default when we connect to a cell tower with no certificate so our communications is being broadcast into the air completely unencrypted?
Like the notifications are nice, but they're not a Allow / Deny popup. When you get the popup your data could've been intercepted.
Edit: whatever the answer is, it needs to work when this pops up frequently, because it will.
This is why you should always toggle the setting that disables 2g/3g fallback.
With 4G, for example, your device will refuse to connect fully unless the network can pass the cryptographic challenge that proves it shares the key material included in your SIM card (I know, I know, symmetric keys are not ideal). The best an attacker can hope to do in 4G+ is harvest your subscriber ID (IMSI) or deny you service while you are in range.
Thankfully, my country is slow on that. I have some brick phones lying around for when I go in the field. The duration of the battery is like twice on 2g than on 3g on standby (Like two and half to five days; I haven't checked talking time). Granted, that might be phone specific, network specific, or something else specific, but when internet is not needed, I have more use for extra battery than extra security.
I know my government has 100% control over my telecomunications. It is a tradition in this country.
> Because of this hardware requirement, the full suite of these network security tools is currently exclusive to the Pixel 10 series.
So, it is not an "Android setting", it is a "Pixel 10 series" setting.