Comment by xrd

5 months ago

Are there ways to prevent this kind of thing using GrapheneOS or FLX1s?

Lots of interesting discussions about cell phone networks lately.

Fake cell phone towers ICE is using to track people:

https://news.ycombinator.com/item?id=45312326

My question is: are any of these alternatives helpful against these novel attacks? If you are on a phone using a vanilla network provider like T-Mobile or otherwise, is there any way to prevent your phone from trying to connect to a fake network?

If I controlled the entire cell phone stack, like I would with FLX1s, then could I have something like the ssh initial connection signature:

  The authenticity of host '100.64.0.46 (100.64.0.46)' can't be established.
  ED25519 key fingerprint is SHA256:yE4jh7gROroduLqbIFcInlUXrpDy8JIpJPc+XvtIpWs.
  This key is not known by any other names.
  Are you sure you want to continue connecting (yes/no/[fingerprint])?

Once I accept that sshd endpoint, I know my ssh client will protect me if the sshd changes and I'm experiencing a MITM.

It would be a bit of a pain to accept a new cell tower when I'm in a new city, but I could imagine syncing a whitelisted trusted set of cell phone towers (ha, when I think of that the whole idea of "trusted" is laughable). But, at least I would have more insight into when I am getting surveilled. And, I could say "not today ICE!" or "tmobile, idk, please give me my HN fix, I don't even care if you know I'm aware my government is tracking me as I pay the service fee!" I bet a whitelist hosted on github would be faster to update than tmobile installing new cell phone towers so privacy enthusiasts could enable their own safety.

> Are there ways to prevent this kind of thing using GrapheneOS or FLX1s?

Prevent what exactly?

> If you are on a phone using a network vanilla provider like tmobile or otherwise, is there any way to prevent your phone from trying to connect to a fake network?

LTE and beyond have mutual authentication. Your phone will attach to any network for an emergency call, but attachment to LTE requires that the network trust your SIM and your SIM trust the network. [1] No trust on first use is necessary, because the SIM includes its private keys and public keys for the network.

[1] https://www.sharetechnote.com/html/Handbook_LTE_Authenticati...
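To make the "no trust on first use" point concrete, here is an added toy model of the LTE challenge-response (it is not code from the thread or from any 3GPP implementation). Real EPS-AKA derives everything from a symmetric key K shared between the SIM and the home network's HSS using the Milenage functions; this model stands in HMAC-SHA256 for f1/f2/f5 and keeps the same message shape (RAND, AUTN = SQN xor AK || AMF || MAC, RES). A network that does not hold K cannot produce a valid MAC, and a replayed challenge is caught by the sequence number.

```python
import hashlib
import hmac
import os

def f(key: bytes, tag: bytes, *parts: bytes) -> bytes:
    """Keyed PRF standing in for Milenage f1/f2/f5 (an assumption of this toy, not 3GPP)."""
    return hmac.new(key, tag + b"".join(parts), hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class HomeNetwork:
    """The operator side (HSS/MME). Holds the same K that was provisioned into the SIM."""
    def __init__(self, k: bytes):
        self.k, self.sqn = k, 0

    def challenge(self):
        rand = os.urandom(16)            # fresh per attach attempt
        self.sqn += 1
        sqn = self.sqn.to_bytes(6, "big")
        amf = b"\x80\x00"                # authentication management field (constant here)
        mac = f(self.k, b"f1", sqn, rand, amf)[:8]   # proves the network knows K
        ak = f(self.k, b"f5", rand)[:6]              # anonymity key hides SQN on the air
        autn = xor(sqn, ak) + amf + mac
        xres = f(self.k, b"f2", rand)[:8]            # what the network expects back
        return rand, autn, xres

class Sim:
    """The USIM side. Only K and the highest SQN seen so far are stored."""
    def __init__(self, k: bytes):
        self.k, self.highest_sqn = k, 0

    def respond(self, rand: bytes, autn: bytes):
        sqn_ak, amf, mac = autn[:6], autn[6:8], autn[8:]
        sqn = xor(sqn_ak, f(self.k, b"f5", rand)[:6])
        expected = f(self.k, b"f1", sqn, rand, amf)[:8]
        if not hmac.compare_digest(mac, expected):
            return None                  # MAC failure: this network does not hold K
        n = int.from_bytes(sqn, "big")
        if n <= self.highest_sqn:
            return None                  # SQN not fresh: replayed challenge
        self.highest_sqn = n
        return f(self.k, b"f2", rand)[:8]

def run_aka(network: HomeNetwork, sim: Sim) -> bool:
    """One attach attempt; True only if both sides authenticated each other."""
    rand, autn, xres = network.challenge()
    res = sim.respond(rand, autn)
    return res is not None and hmac.compare_digest(res, xres)
```

Calling `run_aka` with a `HomeNetwork` built from a different K than the `Sim` models a rogue base station: the SIM rejects the challenge before ever revealing a response.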