From 72c19e0f045d3559b2c3ecea5cf641518ae4d3b5 Mon Sep 17 00:00:00 2001 From: Cooper Quintin Date: Tue, 3 Feb 2026 10:34:05 -0800 Subject: [PATCH] update docs and version --- doc/heuristics.md | 4 ++-- lib/src/analysis/priority_2g_downgrade.rs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/heuristics.md b/doc/heuristics.md index 938cbf8..815f33a 100644 --- a/doc/heuristics.md +++ b/doc/heuristics.md @@ -39,7 +39,7 @@ This heuristic will also issue a notification every time your identity is sent t This analyzer tests if a base station releases your device's connection and redirects your device to a 2G base station. This heuristic is useful, because some IMSI catchers may operate in a such way that they downgrade connection to 2G where they can intercept the communication (by performing man-in-the-middle attack). -### LTE SIB6/7 Downgrade +### LTE SIB6/7 Downgrade (v2) This analyzer tests if LTE base station is broadcasting a SIB type 6 and 7 messages which include 2G/3G frequencies with higher priorities. @@ -49,7 +49,7 @@ This attack exploits the fact that SIB broadcast messages are not encrypted or a SIB6 is used for cell reselection to CDMA2000 systems which are not supported by many modern mobile phones, and SIB7 Provides the mobile device with information to perform cell reselection to GSM/EDGE networks. Therefore SIB6 messages are quite rare, while malformed SIB7 messages are much more frequent in practice. -This heuristic is the most useful in the United States or other countries where there are no more operating 2G base stations. See [Wikipedia page on past 2G networks](https://en.wikipedia.org/wiki/2G#Past_2G_networks) for information about your country. In countries where 2G is still in service (such as most of EU), this heuristic may trigger false positives. In that case you should consider disabling it. However this heuristic has been vastly improved to reduce false positive warnings and new tests in European networks show that false positives are vastly reduced. +This heuristic is useful even in countries where 2g is still prevalent. A well behaved tower should always advertise its other 4g neighbors at a higher priority than 2g/3g neighbors. (Older versions of this heuristic were prone to false positives.) ### Null Cipher diff --git a/lib/src/analysis/priority_2g_downgrade.rs b/lib/src/analysis/priority_2g_downgrade.rs index ad87cac..78f06f0 100644 --- a/lib/src/analysis/priority_2g_downgrade.rs +++ b/lib/src/analysis/priority_2g_downgrade.rs @@ -59,7 +59,7 @@ impl Analyzer for LteSib6And7DowngradeAnalyzer { } fn get_version(&self) -> u32 { - 1 + 2 } fn analyze_information_element(