I assume it’s the same as the Internet (or more specifically HTTP): It wasn’t designed with security in mind.
Unlike HTTP, for some reason it wasn’t included in a new specification, though. My guess is that’s because of the more centralized nature of cellular networks. The barrier for entry is a lot higher as well so there are few but big players who have little incentive to improve over the bare minimum.
IIRC encryption was initially proposed to be part of 5G but got shot down in the process.
I assume it’s the same as the Internet (or more specifically HTTP): It wasn’t designed with security in mind.
Unlike HTTP, for some reason it wasn’t included in a new specification, though. My guess is that’s because of the more centralized nature of cellular networks. The barrier for entry is a lot higher as well so there are few but big players who have little incentive to improve over the bare minimum.
IIRC encryption was initially proposed to be part of 5G but got shot down in the process.