"Earlier this year Google announced another new mobile security setting for Android. This new setting allows users to prevent their phone from using a “null cipher” when making a connection with a cell tower. In a well-configured network, every connection with a cell tower is authenticated and encrypted using a symmetric cipher, with a cryptographic key generated by the phone's sim card and the tower it is connecting to.
However, when the null cipher is used, communications are instead sent in the clear and not encrypted.
Null ciphers are useful for tasks like network testing, where an engineer might need to see the content of the packets going over the wire. Null ciphers are also critical for emergency calls where connectivity is the number one priority, even if someone doesn't have a SIM card installed.
Unfortunately fake base stations can also take advantage of null ciphers to intercept traffic from phones, like SMS messages, calls, and non-encrypted internet traffic."
"Apple announced that in iOS 17, out September 18, iPhones will not connect to insecure 2G mobile towers if they are placed in Lockdown Mode."
