yomna nasser
I am a software engineer leading the Android Cellular Security Team at Google.

professional interests
cellular radio security, civil liberties, cryptography, and pure mathematics

abridged work experience

• Android Connectivity Security Team (2020 - current)
• Implemented disabling insecure 2G cellular connections in Android 12 at the hardware level. (2020-2021)
• Completed multiple Pixel cellular radio/modem Red Team excercises. (2020-2022)
• Designed and implemented the ability to reject non-encrypted and non-ciphered cellular connections in Android 15. (2021-2023)
• Designed and implemented (1) full transparency into the ciphering / integrity algorithms used by the modem for OTA radio communications, (2) information about cellular identifier disclosures (e.g. IMSIs, IMEIs, etc), including associated user notifications. (2022-2025)
• Expertise in designing Android framework hardware APIs with OEMs, and facilitating security/privacy engineering discussions with carriers internationally.
• Mentored intern(s) in radio attack implementations using open source GSM and LTE implementations.
• Conducting regular design reviews of the security/privacy impact of new connectivity features in Android.


• Electronic Frontier Foundation (2017-2020)
• Software engineer on certbot (a Let's Encrypt client) and crocodile hunter.
  • Livestreamed fixing bugs in Certbot on Twitch :)
• Authored a primer on cellular security attacks


• Various other software engineering jobs (2012-2016)

selected publications and talks

• The Attacker Has Expensive Radio Equipment, But Your Android Phone Is Resilient - Strange Loop (2023)
• Fixing Insecure Cellular System Information Broadcasts For Good - RAID (2024)
• Industry and Academic Collaboration in Cellular Security Research - ACM Wireless Security (2023)
• Cellular radio null ciphers and Android - Real World Cryptography (2023)
• Gotta Catch 'Em All: Understanding How IMSI-Catchers Exploit Cell Networks (2019)
• IMSI-catchers comic by Julia Evans

media coverage

• Cybercriminals Have a Weird New Way to Target You With Scam Texts - Wired (2025)
• One Small Fix Would Curb Stingray Surveillance - Wired (2020)

selected professional activities

• Advisory Board Member - Electronic Frontier Foundation
• CVD Panel of Experts - GSMA (Past)

academic program committees

• ACM CCS 2025
• ACM WiSec 2023

contact
email: yomna {swirly a} yomna {dot} net
social media (personal): bluesky, mastodon

♡