0

Since we should always avoid public networks, is there some sort of attack that intercept my online activity or steal passwords when I'm using 3g/4g? If exists, how I can protect myself from this type of attack? My device is not rooted, if it matters.

Mycroft
  • 747
  • 3
  • 8
  • 23
  • 1
    If you click on the `gsm` tag, you will get some excellent questions around cellular security. – schroeder Mar 19 '19 at 15:20
  • "What are the dangers" is too broad a question to answer. If you're wondering simply whether or not MITM attacks are possible with 3G/4G, _that_ is something that can be answered. – forest Mar 30 '19 at 01:09
  • @forest I would like to know which attacks are more common in 3g/4g in smartphones and how defend against them. – Mycroft Mar 30 '19 at 01:11
  • I don't think any attacks are _common_. However, if you're referring to stingray-type interception, I'm afraid there is nothing you can do to prevent it. While 3G/4G is more secure than older GSM protocols in that respect, it's still possible to intercept them and act as a man-in-the-middle attacker. – forest Mar 30 '19 at 01:14
  • Thank you, forest. Actually, I'm new in this subject and I don't know any attacks, so I was not referring to anything. Since you said that any attacks are _common_ , is there another attacks you think that I should know? I'm not considering governments or anything like this, just bad guys. – Mycroft Mar 30 '19 at 01:20
  • @Mycroft Just use HTTPS on websites whenever you can, and beware phishing sites. This is standard advice for using the internet in general, but it also applies to cellular networks. – forest Mar 30 '19 at 03:29
  • My principal doubt is if is safe to use apps with sensitive data when using 3g/4g. How i can be sure that these connections are https since I can't see them? – Mycroft Mar 30 '19 at 03:37
  • @Mycroft You don't have any easy way to know that, so it really depends on how sensitive that data is. Many 3G/4G connections use a 64-bit cipher, which is not extremely secure. – forest Mar 30 '19 at 03:46
  • Well, consider sensitive data like social media and even bank accounts – Mycroft Mar 30 '19 at 03:55
  • @Mycroft The amount of money required to break a 64-bit cipher is larger than the amount of money someone would likely gain from defrauding your bank with your bank details. I think you're safe. – forest Mar 30 '19 at 03:58
  • If you mean 64-bit symmetric passwords I suppose that depends on the algorithm used, the key entropy, the effective bits and some other factors. I would not say 64-bit security per se will make you "safe" – user1156544 Nov 06 '20 at 04:57

0 Answers0