> This becomes pretty farcical when you realise they are still allowed to use it for 4G (and indeed most 5G configurations band 4G+5G signals together)
No, it is not a purely political farce. There is a fundamental architectural difference (that amounts to a technical one as well) that translates into a reason why 4G deployments are more «secure» as opposed to 5G deployments.
Unlike in 4G, where the data that is tunneled through the core network is always encrypted, 5G allows for encrypted tunnels to get terminated near 5G base stations to enable mobile edge computing, amongst other reasons. Server equipment that is deployed at the 5G base station site can then take advantage of the substantially decreased latency for latency-sensitive workloads (ehrm, 5G-enabled Doom/Quake, anyone?). AWS have a product, Wavelength, that does precisely that, and I am pretty confident there are other telcos/products doing the same.
4G, on the other hand, never terminates encrypted tunnels and passes them through the core network unchanged. Therefore, retaining the potentially compromised 4G core network equipment alongside the 5G one is somewhat «safer» – in the sense that at least the unencrypted email etc. traffic won't leak out. Especially considering that 4G is on the way out (medium to long term), hence there is no need to rush and start pouring massive amounts of money into replacing/decommissioning the 4G equipment now, although it might speed up the demise of 4G in the UK and other countries.
But if the 4G equipment doing the encrypting tunneling at both ends is potentially compromised how does that encryption help?
Also, nearly everything is HTTPS these days so I still don't see a massive attack vector here (at least one that wouldn't be spotted immediately like MITMing TLS connections).
I think the much greater "threat" rather than messing round with traffic itself is just to shut down masses of the towers and core networks remotely. In that case, switching off 4G would be way worse as (at least in the UK) all networks doing 5G require a 4G signal as well to bond against. So having separate 5G equipment wouldn't help one iota if the 4G stuff is down.
> But if the 4G equipment doing the encrypting tunneling at both ends is potentially compromised how does that encryption help?
The major attack vector for the compromised 4G equipment is the remote deactivation (or a wipeout or both) of it by an adversary. Breaking the encryption on the fly for volumes of traffic traversing mobile core networks is still technologically challenging. Hence the plain text communication can still be considered somewhat protected.
More on TLS and MITM. Even though our security unit deems TLS v1.2 and, until recently, v1.1 (!) to be secure and acceptable for the purpose of encrypting sensitive datasets in motion, I vehemently disagree with them and consider anything that is not TLS v1.3 to be insecure. The best compromise I have managed to coax out of the security unit is that the cost of a MITM for TLS v1.2 is still prohibitively expensive for most players with nefarious intentions, albeit it is not entirely improbable.