Comment by Scoundreller
2 hours ago
Ah, so the attack might depend on whether your phone is set to allow roaming or not. Maybe.
But I only have an option for data roaming on/off, not roaming entirely.
2 hours ago
Ah, so the attack might depend on whether your phone is set to allow roaming or not. Maybe.
But I only have an option for data roaming on/off, not roaming entirely.
I don't think that matters, since the phone has no way of knowing from the SIM card alone whether it should still connect to 2G networks or not.
It sounds like a good idea to at least restrict 2G connections to non-roaming scenarios, but then you have the next practical problem: How does your baseband know that you're abroad?
Sure, all solvable at the application layer (the phone could use location heuristics to figure out where it is etc.), but not trivial and full of edge cases that could easily result in your phone mysteriously not connecting while abroad or, worse, not being able to make an emergency call or similar.