EFF praises Android’s new 2G kill switch, wants Apple to follow suit
The Electronic Frontier Foundation is celebrating Google’s addition of a 2G kill switch to Android 12. The digital rights group has been campaigning against the dated, insecure 2G cellular standard since 2020, and Android is the first mobile OS to take the group’s advice and let users completely disable 2G.
In the US, carriers shut down 2G years ago, and the 3G shutdown is already underway. Phones have not really gotten the message, though, and modems still try to connect to any nearby 2G signals automatically. The problem is that 2G is very old, and it’s a lot like connecting to a WEP-secured Wi-Fi hotspot—the security is obsolete, so it’s easy to crack. If you’re in a country where legitimate uses of 2G are long dead, the standard only serves as an attack vector via fake cell phone towers, so why not just shut it off?
The EFF explains the issues:
There are two main problems with 2G. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and a phone using the 2G protocol will never be the wiser.
This isn’t to say that non-2G signals are “secure.” They are less insecure, but you still shouldn’t trust the cellular network. The best practice is to encrypt everything. This is generally the default for web communications, but depending on how your carrier and phone are set up, carrier services like SMS and phone calls could be more vulnerable.
So why is 2G still on by default, even though it’s so obviously obsolete? The 2G story varies dramatically around the world. The IoT cellular company EMnify maintains an incredible global 2G phase-out list that is worth perusing. Some countries like the US, Canada, Japan, South Korea, and Taiwan have been off 2G for a while. Europe isn’t killing 2G until 2025, though. Some South American countries are keeping the standard around until 2024, and some countries in Africa have no scheduled 2G shutdown date at all.
Even if you are in a country that still has 2G, you probably want to turn it off. 2G has no ability to send data at all, so it most likely only facilitates horrible analog voice calls and maybe SMS—if your carrier has the worst, most poorly maintained SMS system on Earth. There’s a good chance that killing 2G will change absolutely nothing about your smartphone experience, so give it a shot.
With Android taken care of, the EFF is now focusing on Apple. It’s leading a Twitter campaign with a one-click tweet button reading, “Hey @Apple, 2G is an outdated and insecure technology! Google just gave us the option to turn it off in our phones and now it’s your turn!”
How the 2G kill switch works on Android
This 2G kill switch is a new feature in Android 12, but which phones are actually getting it? As is usual with Android, the answer is complicated, and the switch is not coming to all Android 12 phones. As the Android 12 release notes point out, the actual requirements for the features are Android 12 and the “Radio 1.6 HAL.”
This radio “hardware abstraction layer” is one of the Project Treble vendor interfaces we talk about so much. Treble is a project that modularizes the OS away from the hardware support, allowing for easier updates; this HAL is that interface that sits between the OS and the hardware driver. The actual HALs don’t get updated much, so your best bet for getting a 2G kill switch is buying a new Android phone launching with Android 12, not a phone that is being upgraded to Android 12.
But wait, this is Android, so the carriers can get in the way, too. As the release notes say, “Carriers can disable the feature at runtime.” With all the possible variables here, the only way to really know if killing 2G is supported is to open the settings and look. I can confirm the switch is on the Pixel 6, and the EFF says to check some newer Samsung phones.
If you want to kill 2G and have a normal settings layout, the switch is at “Settings > Network & Internet > SIMs > Allow 2G.” If your OEM scrambled the Android settings for the purposes of “differentiation,” try searching for “2G” or hunting around the cellular settings.