Comment by some_random a year ago
We can't really do much more than speculate right now, but it seems like the most likely answer is that a shipment of pagers was intercepted and implanted with explosives. Israel has done this before to assassinate a prominent bomb maker. https://en.wikipedia.org/wiki/Yahya_Ayyash#Assassination
> It can be explosives planted, but maybe it can be batteries modified to explode instead of burn.
That is not really a thing, from a technical point of view. Changing the chemistry of the battery (assuming that a suitably explosive one exists; these tend not to be developed very far) would just be swapping an explosive and not a modification. Doing something like adding some vessel to build up pressure within the battery sounds impractical (you’d need something very resistant to heat as a battery fire goes above 2000 K), at which point it’s not worth the trouble.
The most likely is either some explosive besides the battery, or something that looks like a battery from the outside, but is actually half explosive on the inside to at least pass superficial inspection.
This kind of damage really does not look like a battery gone wrong. It would have left all sorts of chemical residues and burned very differently.
> The most likely is either some explosive besides the battery, or something that looks like a battery from the outside, but is actually half explosive
That is the most plausible explanation. It can’t be an obvious thing or someone would notice it. If it looks like a plain battery pack, nobody would think of cutting it open.
The explosive here could be perhaps just 8mm x 8mm x 8mm to do the sort of blasts you see in the videos. Thats fairly small, and could easily be hidden in a device.
Inside the battery is perhaps the best hidden, but you'd need to own a bunch of battery manufacturing facilities (expensive). Cheaper would be to simply remove some other component (eg. one of two speakers) and replace it.
One easy way to conceal the explosive would be to overmold it in a cavity inside the plastic enclosure. This would escape all but the most thorough inspections. And since battery terminals are typically also embedded in the plastic this can provide a clandestine supply of power and signal with something like Dallas protocol to the fuse.
I work in the battery space.
All you have to do is build replacement batteries without the pressure relief vents. You can easily get a Chinese manufacture to do this for a fee and properly some complaining about how stupid it is to do.
Then wrap it in some nichrome wire and have a micro run some power through it. The nichrome wire will overheat the cell really quickly causing the cell to rapidly over pressurize and boom.
Small pouch or prismatic cells that would be used at the size of a pager generally won't burn. And I speak from experience of doing stupid shit to them in the name of testing, nothing like using the nail puller side of a hammer to puncture them, or rigging up a fixture with 3 concrete nail guns to shoot it or well, fun stuff
This wasn't a battery, it doesn't match the damage seen. The evidence has all the hallmarks of a small charge of high-explosive.
Explosions are essentially about extremely rapid expansion of gasses. I don’t see how a battery, even one that is rigged to fail, can explode in an instant. Shorting out, overheating, and ultimately exploding because the battery compartment can no longer contain the expansion has got to be too slow by many orders of magnitude. Your theory makes no sense to me.
These pagers probably had puch cells - those catch fire violently, but don't explode because the film can't contain much pressure.
You are probably right but explosives risk detection, either by the militants or by the airport security if taken to a flight to a country with serious security.
Detection by airport security might probably be avoided using the right type of explosive. I have no real idea about this, but I suspect that any nation-state with enough budget and know-how can manufacture undetectable or very hard-to-detect explosive devices. If the explosive is encapsulated in a sealed airtight container, which is properly "washed" after manufacturing, I guess there's no way to chemically detect the explosive inside. Not sure about how to avoid X-Ray detection but that's generally not the way explosives are actually detected.
And, is the device anyway going to pass through airport security? I guess the owners are not really travelling on commercial airliners.
news reports suggest 1000+ of these devices exploded.
In a country where lots of people would happily crack open the lid of a device to replace the battery or otherwise tinker, the explosives must have been well hidden, not just tucked into the case.
I don’t think they’re saying you’d need to change the chemistry though, they’re saying they could have altered way it was packaged so that when it started burning there was nowhere for the gas to go.
Similar to how firecrackers work. If you take a firecracker apart and light the powder, you’ll get a flash and a lot of smoke, but no bang. The explosion comes from the pressure building up in an enclosure.
Disclaimer: not a chemist. Just a former unwisely curious kid
"If you take a firecracker apart and light the powder, you’ll get a flash and a lot of smoke, but no bang. The explosion comes from the pressure building up in an enclosure."
True. But if you open enough firecrackers and put the powder in a small plastic container you will not get a bang but a buff and a fireball the size of a car.
Disclaimer: I am a chemist and a former very unwisely curious kid
CCTV footage of one of the explosions:
https://www.reuters.com/world/middle-east/dozens-hezbollah-m...
This isn't how lithium batteries fail.
Yeah, this should remove any doubt that there were explosives involved. At the 500 to 1000 mA hour capacity typically used in pagers, even tampering with the battery's venting in an attempt to build up gas pressure would at worst result in a pop and some smoke from the top of the bag.
Blowing a hole in the side of the bag and sending debris for several meters is obviously not plausible with that quantity of lithium.
The explosion in the video does show visible smoke, but there is not a visible flame or fire.
That is what explosives look like. You're thinking 80's movies explosions, made with barrels of gas.
Tom Scott explains it better than I do https://m.youtube.com/watch?v=OOWcTV2nEkU
Amir Tsarfati: The updated numbers:
4000 wounded of which 400 in critical conditions
Al Jazeera from a Lebanese security source:
The pagers were brought to Lebanon 5 months ago. They were boobytrapped in advance. Each device contained an explosive weighing no more than 20 grams.
whoever is good/evil aside...
hezbollah got totally owned and look like fools...relying on tech they just took at face value out of the box
I had a rechargeable battery explode in my kitchen recently and it was like a small grenade went off. I'll see if I can find the photos but it shattered trim and bits went through a screen on the other side of the room.
So, an "excited" AA (which, I believe is what pagers usually use) could do a surprising amount of damage.
Photo: https://files.mastodon.social/media_attachments/files/111/40...
Urg, I used exactly this brand in the past.
Is an interesting problem. Maybe the experts in the area could help here. I assume that a worn battery near the end of its life is more prone to explode, but I wonder...
Would the dead cells in the battery take part in that; or are just dead and not reactive.
In other words: if a battery has only a 30% remaining alive; or a laptop has a very worn battery, would an hypothetical explosion by overheating be much less severe? or is still so dangerous as new?.
Those are NiMHs, aren't they? WTF? That shouldn't be possible.
Any idea what prompted the explosion?
It looks like 1-way pagers sold in the US are powered by AA or AAA batteries: https://pagersdirect.net/collections/1-way-pagers.
That's not to say that they couldn't have put a lithium AA or AAA battery into the pagers or inserted a modified AA/AAA battery that was a combination of lithium (with greater power density) and explosive.
It's also possible that they have fancier 1-way pagers than I'm aware of.
According to this post, the pagers that exploded had rechargeable batteries. They even used USB-C, so Hezbollah must be using somewhat fancy pagers: https://x.com/BabakTaghvaee1/status/1836082246538629490
Surprising nobody has yet posted the make/model.
Really shows that the HN community and the victims have very little overlap.
Elsewhere here listed as: Gold Apollo Rugged Pager AR924
https://www.google.com/search?q=About+https://www.gapollo.co...
So that Israel couldn't track their locations via cell networks. Sure you could use Signal or w/e but it's the cell IDs and knowing where people are that was the issue. The pagers do far less, if any, two way communication so it's not likely to give away location data.
Even a dumbphone with the GPS physically removed is going to be a lot easier to target than a one-way pager, since they are always chatting with the cell towers.
How do you fit an explosive into a pager and still have the pager work? Like, aren't they already optimized to have everything for inside super tight?
No, a pager is optimized to be a case size that's comfortable for carrying and reading. The electronics could be the size of the smallest wristwatch, which is already dominated by its own form factor requirements, not the PCB + battery + display subcomponents that are scarcely the size of a nickel.
A typical pager is about 60 x 40 x 20mm. Much of this volume requirement is driven by the 16mm diameter 34mm long CR123 battery, a lot of it could be empty.
That battery is a relatively safe lithium primary chemistry, not a rechargeable Lithium polymer pounch or lithium ion cylinder that would risk fire and explode if the overpressure vents were omitted and the BMS corrupted, but the primary lasts for years.
I bet you could use a CR1216 battery (1.6mm thin, 30mAh, instead if 34mm long and 1500mAh) instead and have quite a good deal of spare volume in the battery for an explosive. If you filled the entire pager, that would be even more room, but much more easily detected.
> I bet you could use a CR1216 battery (1.6mm thin, 30mAh, instead if 34mm long and 1500mAh) instead and have quite a good deal of spare volume in the battery for an explosive.
I'd be fascinated if that was the physical vector...
However, tainting a component pre-integration seems a lot more likely than simply packing explosive in the case.
Israel inserts the compromised components upstream in the supply chain, they're duly assembled into pagers, which then make their way to Hezbollah, where they're inspected, look normal, and work normally, and are then distributed.
That would still require a firmware hack to presumably trigger though (incoming message stack to component trigger).
According to the manufacturer the pagers have a nominal battery life of about three months so it's not likely someone would actually notice if this number is cut in half or less.
An ESP32 is a power hog meant to be plugged into a wall. Here are the current requirements for the various modes according to [1]:
Active mode, 260mA to 790 mA (!)
Modem sleep, 20mA
Light sleep: 0.8 mA
Deep sleep: 10 uA
Hibernate: 2.5 uA
Compare that to something like an STM32U5 microcontroller [2]:
3.1 mA Run mode at 160 MHz
19.5 μA/MHz Run mode at 3.3 V
6.6 µA stop 2 mode with full SRAM
1.7 μA stop 3 mode with 16 Kbyte SRAM
0.5 uA standby mode with RTC
0.3 uA standby mode (24 wakeup pins)
0.1 uA shutdown mode (24 wakeup pins)
That results in a power consumption ratio on the order of 100,000,000. ESP32s are not efficient.
[1]: https://lastminuteengineers.com/esp32-sleep-modes-power-cons...
[2]: https://www.st.com/en/microcontrollers-microprocessors/stm32...
Because it takes a surprisingly small amount of high explosive to cause the kind of damage shown in the footage we’ve seen so far. All it would take is for the battery to be replaced with a combo package - part battery, part explosive. No need for additional internal space.
Disclosure: my first job was in the Australian Defence Science Technology Organisation, Materials Research Lab, Explosives Instrumentation Group.
If cost per unit isn’t a consideration, I suspect you can shrink the size of the electronic components used in the pager to make room for a 20 gram explosive charge.
Pagers—especially commodity models—aren’t profitable enough to warrant cutting edge tech with the latest advances in microelectronics. Lots of room to improve things if you are making a set of them at a loss.
One possibility is to replace part of the battery. The smaller battery can be designed to lie about its charge, or you can replace with a higher energy-density battery and use the space saved for a detonation system (perhaps even incorporating the battery itself into this) and a small quantity of high explosive, which is pretty stable and safe until detonated. Contrary to popular belief, high explosives are actually relatively safe, and usually even burn safely or are hard to ignite at all in some cases. Package it up into something that looks identical to an unmodified battery. Modify device firmware and battery control circuitry to detonate it on receipt of a specific signal and... boom.
Thinner (less durable, but who cares?) plastic shell to free up space for explosives, but would likely be obvious if someone opened it - which might be a common thing if these were being used as remote triggering devices.
If they were using a AA battery, replace the battery with something that provides you space to work (e.g. put in a AAAA or button cell that would provide appropriate power but lower capacity) because you don't really care if the battery life drops from months to weeks.
I can easily envision a scenario that would preemptively “explain” why the pagers are internally different from past models:
Supplier: “Hey, we’ve got a refreshed model of the pager you wanted to buy in bulk. Interested?”
Buyer: “I don’t know, how do they work?”
Supplier: “Same as the other ones, minus a bit less plastic protection. With the weight savings they’ve added a new hardened receiver that’s supposedly more secure and will keep communications private. Also, they are 50% cheaper per unit…”
Buyer: “Say no more. We’ll take them.”
Pagers, by definition, are likely to be older technology.
The internals could be replaced with modern smaller and lower-power equivalents, requiring a smaller battery, and saving enough space.
(Or maybe somebody just donated a batch of innocent-looking devices to 'the cause', or offered a bargain on some 'extra secure' pagers?)
Exactly that. There is a video of a hole blown through a table surface with one. That is not happening with any off the shelf battery technology as is currently being heavily misreported. They were modified with explosives clearly.
Of course there is paranoia being sewn now about hacking and the batteries which is likely part of the ongoing operation as it will disrupt anyone they didn't explicitly target.
I’m not sure which image you are referring to but there are images of lithium battery explosions blowing holes into counters and faces. There are some linked here.
The image is from this video: https://x.com/babaktaghvaee1/status/1836074863032701208?s=12
Ahh so a simple supply chain attack. I was thinking it might have leveraged the built in batteries. But it was always unlikely, especially in a receive-only device.
Still, if you have the capability of such a supply chain attack, I would imagine the rewards of silent surveillance (tracking, audio) would be of much higher value than this kind of attack where 3 out of 1000s targets were killed.
3 killed but thousands inoperative and hospitals flooded - I would expect an immediate armed escalation
Hezbollah has been escalating their armed attacks against Israel for almost an entire year, parallel with the war in Gaza. Every day tens of rockets hit Israel, almost the entire north of Israel is evacuated of civilians.
I realize that this is not widely known, attacks against Israel receive far less attention in the news than do Israeli retaliations.
Do you have a cite? Otherwise I think every study conducted in the last few decades have found that attacks against Israel is over-reported whereas attacks against Palestinians are under-reported. See f.e: https://theconversation.com/bias-hiding-in-plain-sight-decad..., https://theintercept.com/2024/01/09/newspapers-israel-palest..., https://lab.imedd.org/en/dead-versus-killed-a-closer-look-at...
As tends to be the case with this sort of complaint, it absolutely makes the news.
Quick sampling of examples:
https://www.france24.com/en/middle-east/20240908-hezbollah-f...
https://www.aljazeera.com/news/2024/7/4/hezbollah-fires-reta...
https://www.bbc.com/news/articles/cw9y7wqn8j5o
https://apnews.com/article/lebanon-israel-hezbollah-hamas-ro...
It doesn't make a big splash in the news because it tends to be severely ineffectual, but it has been pretty widely and continuously covered.
The "news" doesn't even seem to exist anymore. News providers have adapted to the readers only wanting hear their own views supported.
Not only are there specific providers for specific worldviews, but major providers seem to spit out articles catering to every viewpoint. You can find probably find multiple pro Israel and anti Israel articles coming from a single news source on a single day.
So, I dunno maybe we need some kind of cumulative news app to get any kind of meaningful idea of how things are actually leaning. Like an AI summarizing sentiments of the 20,000 articles on Israel in the last week to determine if the news is slanted.
> attacks against Israel receive far less attention in the news than do Israeli retaliations.
this is false
the rockets in northern Israel have been going on for years (as are rocket attacks into Lebanon), so just not much news anymore
> attacks against Israel receive far less attention in the news than do Israeli retaliations.
I think retaliations are pretty fruitless anyway. Both sides have been lobbing missiles at each other for decades. This eye for an eye thing keeps going even though both sides have run out of eyes a long time ago.
Maybe talking might be an idea? Just saying...
Their comms and command infra is now hosed and all the operatives concentrated in hospitals. They are dead in the water.
Hezbollah has more than 100,000 fighters, so this would be what, one or two percent injured.
Everyone has cell phones that they can use in addition to the pager, so I don't think it's very accurate to say the communications are hosed either
They have about 100'000 members, and this attack has killed about a dozen, and injured about 2000. Only one recent shipment of pagers was affected. I don't think they are unable to respond.
How would this be an escalation trigger after a year of missiles and airstrikes with 1000 Hezbollah dead and 100k civilians displaced on each side?
Face saving. It's easier to put a PR spin on something only a few people actually saw. It's going to be hard to convince their rank-and-file this isn't a bit deal and deserving of retribution.
Israel is desperate to provoke? Hezbollah is bombing Israel since the October 7th attack. 300,000 refugees inside Israel because of this bombing. Who is provoking who ?
We should avoid using the name of the country as a proxy for its current government. The people has nothing to do with this - this is all planned and executed under the auspices of the current prime minister and his associates.
Even though the people largely supports their agenda, an action that targets three people but affects 2,700 people as collateral damage would not pass by their parliament.
Why not both? Location data would be relatively easy to collect and forward, audio not so much (much higher storage and transmission throughput requirements for very low quality source data given the limitations of piezoelectric microphones and the fact that pagers are usually worn on belts).
If you're getting GPS data, collecting people's movements for a month or three probably provides 99% of what you will ever want to know. Once the patterns have been established you're into diminishing returns territory, while the risk of discovery goes up, which would neutralize the value of the explosive attack.
The strategic value of such a perfectly targeted surprise attack is massive, notwithstanding the relatively low fatality rate. Injuries are expensive and often devastating, and the psychological impact is brutal. Logistically, Hezbollah (and many other organizations, militant or not) are going to have to review and/or replace part of their communications tech. That's a massive technical disruption, a significant economic cost, and risks further exposing supply chain information. It's also going to create paranoia about many other electronic devices, poison in the food, and so on.
I'm not sure about the ethics of this. If one were certain that only Hezbollah officers were being targeted then it would be an acceptable kind of asymmetric attack through a novel vector.
However this also seems to have impacted quite a few civilians, and there is a claim (unverified so far) that a hospital just replaced all its pager equipment a couple of weeks ago and would otherwise have been impacted: https://x.com/SuppressedNws/status/1836080190855795092
If this happened in the US pursuant to one of the wars we've been involved in, we'd definitely be calling it terrorism and/or a war crime. It's a big strategic win for the Israelis in the short term but can hurt them two ways in the longer term. Hezbollah and other enemies of Israel will be significantly more motivated retaliate in some equally creative/unpredictable fashion, and non-aligned economic partners of Israel are likely to view Israeli products with renewed skepticism, hurting exports.
It would be a bit rich for us to call this a war crime, since our standard M.O. for targeted strikes --- like everybody else's --- routinely kills innocent civilians in much larger numbers than this.
Ok, so targeted strikes in the US by our enemies that have civilians as collateral damage is OK, is that what you are saying?
A couple of things on this:
1. It appears that the AUMBC referenced replaced their equipment but that had nothing to do with this and their doctors weren't impacted.
2. Your note of "...other enemies of Israel will be significantly more motivated retaliate in some equally creative/unpredictable fashion..." is strange considering that this is already the norm. Almost all (perhaps all) of the attacks against Israel have been from terrorists targeting civilians.
Given Israel's successful precision targeting of various senior Hezb members in recent months, I wonder if the pagers were initially used as such, but as suspicion mounted, and chances of an overhaul increased, they decided to hit the kill switch while they still could.
Although as as per an WSJ article: "The affected pagers were from a new shipment that the group received in recent days"
The pagers were likely one way with a codebook for the purpose of minimizing tracking and information exposure.
> I would imagine the rewards of silent surveillance (tracking, audio) would be of much higher value than this kind of attack where 3 out of 1000s targets were killed.
The reason they were using pagers, as opposed to phones, was to avoid exactly this kind of potential attack.
Pagers are (typically) a broadcast technology, the pager has no transmission capability. A page is broadcast from every tower, it has no idea where the receiver is. A targeted page is done by the receiver filtering out and ignoring pages that it isn't the recipient for (eavesdropping all pages is trivial).
The pager device is simple, it doesn't contain a GPS or have any concept of it's own location. No microphone or audio capability, very little processing capability. And adding such capability with something like a bug would be reasonably apparent to anyone opening one up and inspecting it.
For a supply chain attack.
How did they make sure a large percentage ended up in the hands of the targets? Seems like this could hit a lot of random people, just anybody using pagers. Unless they had way to target certain customers.
I think you're assuming that all pagers of this model were being sent out like this. That's unlikely.
Much more likely is they compromised someone in Hezbollah that was doing the ordering, or the distributor/vendor they ordered from, modified a couple thousand devices and sent them pretty much directly to their enemy, and only their enemy, to distribute among themselves. Then waited a bit, and set them off.
Most bugs can be easily found out by any competent counterintelligence team.
True but so can explosives. Clearly they were not competent.
Radio signals can be detected of course but it's possible to mitigate that a lot by only doing that at specific times and locations, or on request. And send the data out in batch. Ideally while you have the subject under observation so you know they're not monitoring for signals.
The same way Volkswagen hid their engine manipulation from tests by recognising the test and adjusting parameters.
Well, slightly off topic, but in the case of Volkswagen, everybody knew they (and other car companies) were doing it for at least a decade before the scandal blew up : car magazines were even publishing articles about it !
There are several sources online claiming the model used is the Gold Apollo Rugged Pager AR924. This pager is made in Taiwan, a country that has close ties with Israel and it's most important ally USA. Just a week ago Taiwan's Foreign Minister Lin Chia-Lung openly emphasized the critical importance of intelligence sharing and technology cooperation with Israel.
It was reported in Turkish news (allegedly via IRGC on X) that pagers are all Motorola branded, and supposedly at least include the Motorola LX-2 model.[1][2] However, the provided image of a Motorola LX-2 is also the first image on the Wikipedia English page for pagers.
There is also a photo circulating of a destroyed pager[3] which has visible writing "Distri: GOLD" and "Model: AP" (or "AR"). This has been matched to the Gold Apollo AR-924 model pager that is manufactured in Taiwan and is not a Motorola pager.[4][5][6][etc][7][8][9]
[1] https://www.turkiyetoday.com/region/this-is-how-israel-targe...
[2] https://i.turkiyetoday.com/image/resize/876x1024/wp-content/...
[3] https://i.turkiyetoday.com/image/resize/1280x1280/wp-content...
[4] https://x.com/JakeGodin/status/1836042111726072229
[5] https://x.com/PaDaGal/status/1836057094211969467
[6] https://x.com/Kahlissee/status/1836102796090953812
[7] https://web.archive.org/web/https://www.gapollo.com.tw/rugge...
Correction after more information has become available:
The Gold Apollo AR-924 model pager is reported to have been manufactured under license by Budapest-based company "BAC Consulting KFT", but the head of this company denies manufacturing the devices and instead described themselves as an intermediary, without providing further information. The Taiwanese company which allowed these devices to be manufactured under license also reported receiving strange remittances from BAC via banking systems in the Middle East (not Hungary).[1]
[1] https://www.telegraph.co.uk/world-news/2024/09/18/hungary-en...
"Taiwan has no record of Gold Apollo pages being shipped to Lebanon or the Middle East"
"Gold Apollo founder and chairperson Hsu Ching-kuang told reporters on Wednesday that his firm had signed a contract with a European distributor to use the Gold Apollo brand. Hsu said the distributor, which he did not name, established a relationship with Gold Apollo about three years ago."
https://www.cnn.com/world/live-news/lebanon-pagers-attack-he...
You are not thinking past the first point. Considering what these people have been doing lately, even if you are currently on their good side, what happens when you’re not or don’t want to serve them anymore? Think places like India and Brazil may be rethinking their supply chains right now?
Site is down: https://www.gapollo.com.tw/rugged-pager-ar924/
Archived a couple hours ago: https://archive.is/Kw0Pg
95g, USB-C rechargeable up to 85 days of operation, separate control and charging boards, multiple replaceable components for easy maintenance.
Probably lots of ways to free up space, most notably by using a smaller battery but with a few resources you could probably combine the boards and probably not even be obvious ("generation 2, less expensive to produce"). With state-actor level resources new boards would be easy as would something concealed within a LiPo battery.
TIL: pagers still exist.
I wonder, if these devices could be suspect, why don't they order these cheap Chinese GSM modules. You can't hide explosives in those.
Also, afaik all GSM modules broadcast their IMEI numbers over the network. Explosives or not, I'm sure they can all be tracked and triangulated, since they talk to the towers. I don't think these things are secure anyways.
That would make sense, since there's no such thing as a one-way GSM device. GSM towers (cells) need to keep track of which devices are in their vicinity and do smooth handovers to neighboring towers.
I'm not sure how the protocol you mentioned works, but I'd imagine it still needs some info about the whereabouts of the receiver to route the messages to him.
> most likely answer is that a shipment of pagers was intercepted and implanted with explosives
I agree, there are photos and videos of extensive damage to furniture and injuries that go way beyond what a small lithium battery would NORMALLY do.
Also, all the CCTV footage I've seen indicates explosions and not fire.
It can be explosives planted, However it can be batteries modified to explode instead of burn&outgas. I recall a video of someone losing their lives when their vape battery exploded. IIRC the vape's metal structure acted as a container that enabled pressure build up and eventual sudden release.
There are many stories about vapes exploding, some causing serious damage similar to these:
https://www.gazettelive.co.uk/news/teesside-news/vape-explod...
https://www.dailydot.com/debug/e-cig-vape-pen-explosion/
Kind of makes sense to modify the battery because since they still need a functioning battery anyway and the space is limited.