Device Support #
Supported iOS Devices #
CellGuard supports iPhones running iOS 14 or newer. It analyses the baseband protocol messages of Qualcomm and Intel chips. This means if you have an iPhone 7 or newer, it supports CellGuard!
When should you use the non-jailbroken mode? #
CellGuard detects rogue base stations, which can track users and intercept network traffic. Rogue base stations can be a first step to launch further attacks against a user’s phone. Such follow-up attacks are very costly, meaning that only high-risk users, such as politicians, journalists, or human rights activists, might be targeted.
These targeted attacks are likely launched only against a user’s primary device. To make such attacks as difficult as possible, enable Lockdown Mode on your primary device, disable 2G, and always update to the latest iOS version. CellGuard supports running on the latest iOS version with these security settings enabled. We recommend using CellGuard in non-jailbroken mode on your primary device.
Using CellGuard in non-jailbroken mode means that you have to collect baseband packets on a regular basis manually. Rogue base station attacks require physical proximity. Generally, it is a good practice to turn off your device at places where you suspect attackers to be located, if you can. However, this might not always be possible – and attackers could also be at unexpected locations. We recommend regular packet imports, especially when you have been at suspicious places within the past hour, such as airports, country borders, or demonstrations.
When should you use the jailbroken mode? #
In jailbroken mode, CellGuard automatically collects baseband packets in the background. No user interaction is required, so you can’t forget to take a system diagnosis. Moreover, additional data is available on iPhones with Qualcomm modems. This makes a jailbroken iPhone with CellGuard a great sensor for rogue base stations!
There are limitations in using a secondary device as CellGuard sensor. First, your primary phone might observe and connect to different cells due to various factors, such as: SIM card for another network operator, other signal reception characteristics, or other cell selection algorithms running in the modem. Second, assuming the jailbroken iPhone is not your primary device and you’re a user at risk, you might not observe targeted attacks.
When carrying a secondary jailbroken iPhone with CellGuard as a rogue base station sensor, always remember that this device can be an easy target for attackers. We only recommend this setup for research purposes.
Will there be an Android version? #
We’re focussing our efforts on the iOS version of CellGuard and have no concrete plans for an Android app.