Is my neighbor's 4G LTE Cellspot degrading my service?
For reference I live in an apartment building which has acceptable T-Mobile service as I've gone years without any issues living here. A new neighbor has moved in recently, and I noticed that I have been experiencing worse call quality and more calls have been dropping. Our building has a very spotty internet provider with high ping and slow upload speeds. A few things lead me to believe that my new neighbors have installed a T-Mobile 4G LTE Cellspot. I'm familiar with the Cellspot because my parents live in a rural area and have one in their home. In the past my phone used to display 5G service regularly, now instead it displays LTE exclusively. When stepping outside about twenty yards away from the building my 5G service returns. I also receive better speeds when running a speed test outside away from my building. Inside of my building I barely reach 40 mbs down and usually below 5 mbs upload speed which is important for calls and video calls. Speed and the quality of calls has never been an issue before. But only recently because of this I’m needing to leave my home to make calls. It's frustrating because like I said this is a recent issue and I can pin it to something that's making it worse. I use my T-Mobile service to get away from my terrible internet to begin with. I understand that there is no way to connect to the tower directly because the Cellspot is basically a small tower itself and the phone connects there by default. What are my options?How secure is T-mobile's service? Is it encrypted?
How secure is T-mobile’s service? Is packet sniffing or a man in the middle attack possible on the T-mobile network? I know that most ISPs have a good idea of what a user does on their network. You can typically just use a VPN to enable more anonymity online. But from the signal between a device and the cell tower i’m guessing there can be multiple security issues. Lets say I login to my T-mobile account or bank account. And someone has set up a repeater or fake signal that my phone connects to thinking its the T-mobile service. Would that person be able to see the data being transferred over the network. Or is the signal my phone sends out encrypted not allowing for this to happen. Devices like the 4G LTE Cellspot connects to a customers own router and allows them to broadcast a T-mobile signal using their home internet. Are people that own this device able to see data and traffic from my phone? They could possible configure their router maliciously to look at all traffic coming from a 4G LTE Cellspot device with unsuspecting T-mobile customer connecting to it thinking its connected directly to a cell tower. Another way this device can be abused is the person can limit their bandwidth to the device to unusable speeds but all phones around it will still connect to it because its the strongest T-mobile signal. This would degrade the service and make the T-mobile service around that device practically unusable. I swear I’m not paranoid. Just a student studying security and these questions came to mind. Thank you.
Security issue: t-mobile will not stop trusting browser!
t-mobile is always trusting my browser and device and it is never asking me for two factor. I tried clearing all cookies but t-mobile just lets me sail on in with only a user name and password. Steps I took… Log in first time. t-mobile asks for dual factor which is good and expected. I accidentally clicked that I did not want t-mobile to ask me again on this device/browser. I could not find any way to “untrust” the browser/device. I could not find any help on this. I logged out and logged back in… t-mobile lets me in without dual factor... I tried clearing all cookies. I log in again, and t-mobile simply accepts my user name and password without any second factor. Most all websites I know allow a user to “untrust” a device, or at least clearing cookies will resume asking for dual factor’s second factor. This seems very insecure. Anyone (or any malware) commandeering the browser can log in without dual factor and I cannot see any way to stop that… it’s like t-mobile is remembering the device/browser some other way… but if that’s the case, the online login should have an option to “untrust” the device/browser (or cookies should do the same). Forgive if I’m missing something but I have never seen this kind of behavior before except for cases where dual factor is broken.