>How is it possible that in 2026 we're not notified by default when we connect to a cell tower with no certificate so our communications is being broadcast into the air completely unencrypted?

5G added that with Subscription Concealed Identifier (SUCI), but it's still optional. Certificates also don't work because you need to be able to roam, and doing certificate management for every carrier on earth is fiendishly hard. Not to mention that it's not feasible to hide IMEI before authentication could begin, imagine hiding IP or MAC addresses before a connection can be established, for instance.

You're asking why a government, that is already known for massive surveillance, wants devices that nearly 100% of the population owns to be completely unencrypted?

should'nt you always assume your communications are being broadcast into the air unencrypted unless you're connected with ssl/tls? even if encrypted to the tower the carrier can still intercept all your stuff.

WiFi still lacks forward secrecy, and SNI is still almost never encrypted.

I think at least the former is intentional.

The moment this is rolled out is the moment government will start figuring out how to insert itself into the chain of trust so it will not matter.