Comment by pragma_x

Comment by pragma_x 3 days ago

6 replies

View on Hacker News

> make the device exagerte some existing functionality to a point where it caused a malfunction? Thoughts on this?

I'm actually astounded by the things that must have been in place to make this attack even plausible, let alone viable. At the same time, the ramifications are sobering. Here's where my head is:

- Hezbollah failed to inspect electronics that, if tampered with, could have lead to some kind of intel breach. That or the explosive modifications were indistinguishable from the real thing.

- Operatives knew what pager numbers were in use by Hezbollah, perhaps exclusively to the rest of the population.

From there I have three possible explanations for how this may have been executed:

1. Many shipments of such pagers bound for Hezbollah in Lebanon and other places in the region, were identified, intercepted, modified, and sent on their way with minimal delay. You probably don't get many opportunities like this (how often do you replace a pager?), so this is really quite a hat-trick.

2. Or: there are many more pagers out there with a very dangerous vulnerability on board, with only a special pager sequence that stands between the user and sudden death. This suggests simply infiltrating the manufacturer instead. This also has much more favorable lead times and can leverage the manufacturer's resources to that end.

3. Or: There's a pager manufacturer out there with gob-smackingly bad engineering and software on completely stock units, which operatives simply exploited to (sub)lethal effect.

fmobus 3 days ago

You don't have to intercept a shipment and tamper at large scale with incredible speed if you're posing as the supplier.

That's what I believe happened. Specially likely if you consider that terrorist orgs are not exactly putting RFPs or doing large orders at legit vendors. That gives you the chance to pose as a helpful supplier that operates on the down low and accepts cash on delivery, etc.

Reply View 0 replies
wut42 3 days ago

> what pager numbers

This is where it gets confusing. We all remember the pagers running on cellular/2G networks but it seems that nowadays most pagers are HF devices and mostly broadcast receivers. Quite unclear which one are involved.

Reply View 4 replies
  • pragma_x 3 days ago

    Good point. I'm kind of a dumb-dumb when it comes to present-day pager tech. I haven't even seen one in decades.

    Let me rephrase the question then: if any measure was made to target just the pagers that were in the hands of Hezbollah, how was that accomplished?

    Reply View 1 reply
    • wut42 3 days ago

      So far all I've seen is speculation that a specific shipment was targeted.

      I'm pretty sure they weren't cellular pagers as they don't seem to be the norm nowadays.

      Reply View 0 replies
  • andrewshadura 3 days ago

    > We all remember the pagers running on cellular/2G networks

    Who does? I'm not aware of pagers running on the GSM network. Maybe they existed, but I don't think they were ever widespread.

    Reply View 1 reply
    • wut42 3 days ago

      You're right. It existed and had a short span of life/fame in some countries but that is all. Most pagers were on their own protocol/frequency. the protocol seems to be mostly the same theses days: POCSAG

      Many commenters here also assumed like I did it was some cellular/SIM devices but it wasn't that much widespread.

      Reply View 0 replies