 | My Pixel 10 warns me constantly that I have rogue connections.
|
My Pixel 10 Pro XL phone constantly warns me that there are rogue connections to my phone and my data is at risk. So, what happened here? What does it mean? Can you also get these notifications?
So, very concerning, to say the least. I have a Pixel 10 Pro XL phone, which may be the first phone to give warnings when the phone connects to a rogue cellphone tower or IMSI catcher. The OS cannot block it; it can only tell you that someone read information, and it presents an alert.
The warning said, “Your data may be at risk. Device ID accessed. At 6:57 PM a nearby network recorded your device’s unique ID (IMSI or IMEI) while using your T-Mobile SIM. This means that your location, activity, or identity has been logged.”
Using this information from repeated connections, someone can follow my movements and location; they can identify it’s me because the IMEI number is unique to my phone. It can be an indication that someone was collecting all the cellphone information in the area, most likely law enforcement.
It can also mean that I was connecting to a rogue cell phone tower, not just an IMSI catcher, and it was an attempted Stingray attack, likely also law enforcement. If successful, they can try to see and hear what I’m doing on my phone, as my phone won’t know that it’s a fake cellphone tower.
Be aware that a rogue tower will try to negotiate your phone’s connection down to a 2G connection, which is unencrypted, providing them with access to everything that you are doing and saying. There are no more 2G towers in the U.S. and probably not in your country either. Please go into your phone’s settings and disable 2G!! On Android, just search in settings for “mobile network security” and toggle on “2G network protection” (if your phone supports it), and your phone will no longer be subject to a downgrade attack. The IMSI catcher will only be able to get your IMSI and IMEI (subscriber number and equipment number) if it can’t do a downgrade attack. You cannot disable 2G on an iPhone.
Update 2025-Sep-07:
But what if there is no setting on your Android to turn off 2G, and what about 3G downgrade attacks? A 3G decryption attack is possible, even though 3G has encryption (unlike 2G), because the ciphers are weak.
The standard IMSI catcher will not be capable of defeating 3G encryption. But a sophisticated IMSI catcher used by a government agency or law enforcement will know how to defeat the 3G encryption in real time, so the connection will basically be unencrypted. In the U.S., 3G was turned off in 2022. Please don’t hesitate to disable 3G on your phone as well. The only request to go 3G will be from a fake tower.
There’s no setting in Android to disable 3G like there is for 2G, but it can be done by using a secret menu. Dial #.#.4636.#.# and select “Phone Information.” Look for a dropdown called “Set Preferred Network Type.” Select “NR/LTE.” This tells your phone you only want to use 4G (LTE) and 5G (NR). 4G and 5G encryption is strong. By selecting this, your phone should no longer accept 2G and 3G connection requests.
It is not possible on an iPhone to turn off either 2G or 3G.
End of update.
It’s been believed for some time that this technology has been used by law enforcement secretly and consistently. This is creepy and unnerving.
Turning off the phone, by the way, doesn’t stop an IMSI catcher. Your phone still responds. You need to keep the phone in a Faraday bag if you’re really concerned.
Update: This appears controversial. If you do a Google search, you’ll find that every article says this isn’t true, so I got a lot of blowback. However, Edward Snowden claims the NSA and other police forces know how to make an apparently turned-off phone not only respond to information requests by an IMSI catcher but even enable the microphone so they can listen in.
“Based on documents leaked by Edward Snowden, the National Security Agency (NSA) had already developed a technique in 2004 to locate cell phones even when they were turned off, called “The Find”, mostly used to locate terrorist suspects [36]. This was accomplished through the use of IMSI catchers which could wirelessly send a command to the phone’s baseband chip to fake any shutdown and stay on [37]. The phone could then be instructed to keep just the microphone on, in order to eavesdrop on conversations, or periodically send location pings.“
https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf
Update 6-Sep-2025: A lot of what I’ve read is blaming these continual notifications on either a hardware issue with the Pixel 10 or a software issue. However, I downloaded the Network Cell Info Lite app and I’ve been looking at the raw data. Normally I see I’m connected to a T-Mobile tower with a TAC (Tracking Area Code) that is static. I see the TAC of my neighboring cell towers too. But suddenly I’m connected to a completely unknown TAC, 5633280, not a neighbor, just long enough for my device information to be collected. Then the connection breaks, and I’m back on my normal tower. This coincides with the Pixel alerts!
Here’s how this works:
The IMSI catcher broadcasts a signal with a strong “fake” TAC, which it knows my phone’s network has not assigned to any legitimate tower in the area.
My phone, which is constantly looking for the strongest signal, sees this new, powerful signal. Because the TAC is different from the one it’s currently on, my phone is tricked into initiating a “Location Update” procedure. This is the exact moment when my phone sends its IMSI and IMEI to the “new” tower.
The IMSI catcher logs my phone’s IDs and then immediately drops the connection, causing my phone to revert to the legitimate cell tower.
End of update.
It’s a good thing that phones are now starting to inform people that they are being watched and that people will begin to see how much of an issue this is.
Is it far-fetched to believe that the government is tracking everyone’s phones so they know who was in an area where a crime is committed or who is attending a protest? Remember that Edward Snowden alerted us to the U.S. government illegally recording phone calls of millions of people. So, why wouldn’t they be tracking cell phones?
Until now nobody could have noticed phone tracking.
After posting this on my Mastodon server (https://hear-me.social/@Jerry) and on my PieFed server (https://feddit.online), I got some follow-up questions.
- How do I enable these notifications on my phone?
As of 1-Sep-2025, I believe only the Pixel 10 phones have the hardware to support this. Because these notifications are added to Android 16, many new Android phones will come with the required hardware in the future. Google wants this feature to be generally supported.
You would need to go into the Mobile Network Security location (search for this in settings). There you will see “Network notifications” if your phone supports this feature. You can turn it on. - Can a signal booster cause false alerts?
No. Signal boosters are passive devices. They simply take the signal that comes in on one end, and they amplify it. They don’t make connections. - Where can I read more about this?
https://www.androidcentral.com/apps-software/android-os/android-16-can-tip-you-off-if-someone-is-snooping-on-you-using-stingray-devices - Can I turn off 2G on an iPhone?
Appears not. You can do lockdown mode, but that turns off more than 2G, which is probably not what you’d want permanently enabled. 3G cannot be turned off either.