Hezbollah has been warning its members not to use cell phones because they get targeted by using them too. Seems like the pagers were supposed to be the workaround for that.
Lots of pagers operate in one-way only mode. Towers transmit messages without expecting acknowledgement a few times, pager is configured to filter out and only alert on messages routed to its ID.
Sure, theoretically one can detect a receive-only radio, but its massively more difficult than detecting something which actively transmits.
Most pagers do, yes. They are also usually unencrypted. And due to the one way nature, even if they are encrypted, PFS (perfect forward security) is impossible. Meaning that if someone captures the encrypted messages they can decrypt them all the way back when the encryption key is obtained.
But the impossibility of any kind of location tracking is definitely a plus of one-way pagers. Not just for terrorists. I'd get one if there were still a network where I live. It'd be really nice to be reachable and not be tracked 24/7 for once.
While the messages are not encrypted, you just have your actual message coded. Have agreed on phrases and what not discussed out of band. Send dummy messages to throw people off and not know what is a real transmission or a dummy one. Is that numbers station just spouting gibberish or communicating with spies?
The market closes at 5, dinner at the hotel, Grandpa will bring home the wine, bring your hat. Charlie 5 Alpha 2 4 7 3 Bravo. Maybe this is just discussing someone's evening, maybe its coordinating a group action.
Many pagers are receive only. The tower has no idea who's listening; it just broadcasts out the messages that it's told to. Pagers are much less trackable than phones.
> Surely a pager message isn't transmitted from every tower everywhere.
They generally are!
Some systems required the sender to select a geographic region to increase bandwidth efficiency, or alternatively the pager owner to update their coarse-scale location with the operator after moving significant distances.
The latter is what the old Iridium satellite pagers did (do?), for example. (Not sure how the new GDB-based ones work.)
The new Iridium pagers are two-way as far as I've heard. Only the old ones were one-way.
I think the service is finally being decommissioned due to the Iridium Next satellites not supporting it anymore. It has been supported for more than a decade without onboarding new customers though.
> The new Iridium pagers are two-way as far as I've heard.
Apparently that's optional:
> Iridium Burst-enabled devices can be configured as receive-only so that no transmissions are made, a feature valued highly by some customer segments.
> I think the service is finally being decommissioned due to the Iridium Next satellites not supporting it anymore.
If that's the case, it would have been inoperable since 2017 – they deorbited the old satellites immediately after confirming deployment of the new ones.
That's exactly how they work, actually. Or at least worked, traditionally. There are assuredly some two-way pagers out there now.
But yeah, you'd usually pay for service in a certain (large) geographic area, and if you wanted to take your pager out of that area while on a trip, or if you moved, you'd have to let the pager company know so they could start broadcasting in the new area.
They might have watched The Wire: you page Alice, and she uses a public phone to call you. Undetectable unless you wire all public phones in the city, or someone is dumb enough to always use the same phone (which is what happens in the series; they eventually switch to burner mobiles).
To be fair, they rotate the burners in the series every 2 weeks and it takes the police more than a week to get up on the new ones.
It was cool to see that it was in fact an opsec fail (the guy buying the phones all over the country got lazy and bought too many from the same shop) to break through that. Pretty realistic. Like most of the wire in fact.
Although one thing in the wire I don't understand. Pagers are really easy to intercept, anyone with a scanner (with discriminator output) can do it and could do it in those times. I did it many times during the days when pagers were still in full swing. I really don't understand why they needed a court order for that (in season 1).
> Pretty realistic. Like most of the wire in fact.
The show creator worked for years as a journalist on the crime beat in Baltimore, I expect most of the opsec seen in the series comes from real cases.
> really don't understand why they needed a court order for [wiretapping pagers]
As others said, you need it from a legal perspective rather than a technical one. This is particularly true in the US, where the "fruit of poisonous tree" doctrine is pretty strict: if your evidence was not gathered in the proper manner, it must be discarded and it invalidates any further effort based on it. In specific, wiretapping is illegal even when done by authorities, unless they've been authorized by judges - the relevant US laws were tightened up after it emerged (with Watergate) that president Nixon was eavesdropping on his political rivals.
I thought SUSE had a desktop version. They used to sell it at places like walmart back when you'd get linux on cd/dvd media, but its been a long time since I've seen that.
There is also stuff like PopOS that comes on System76 computers or PureOS for Purism/Librem computers.
Yeah, banks try and encourage overdraws because they make a bunch of fees off them. I remember reading about some of them getting in trouble for reordering same day deposits in a way to maximize the overdraw fees.
Seems like microsoft is getting put into the headlines because the Crowdstrike versions for mac and linux aren't affected. Plus Crowdstrike has a history of pushing people onto microsoft tech support when their software causes problems.
Microsoft should have a certification program for software that messes around with kernel modules that could cause a BSOD. I guess they already do this for hardware drivers.
Once software is effecting a certain number of endpoints the vendor has to prove they are testing sufficiently.
Crowdstrike has caused kernel panics on Linux systems in the past too. I push FOSS hard and will hold that this is an example where using FOSS for all critical business software would have saved companies, but I don't particularly blame Microsoft directly for this outage. Incompetent IT managers buying software from their golf buddies is the real heart of the issue.
I don't blame Microsoft in the tactical sense for this outage, but I blame them in the strategic sense. Here's what I mean.
Microsoft is all in on kernel extensions, when Apple has shown that you can deprecate them and move the most important use cases outside the kernel. I blame Microsoft for not starting the herculean task of deprecating kernel extension. Remember, Satya Nadella said recently that Microsoft will put security above everything else, even backward compatibility. Then the Recall fiasco happened and Nadella was caught pants down with the useless value of his word.
Apple gets away with a lot of things MS would never get away with, so I am not sure that saying "apple did it" is a good argument. It still may be a good idea to move away from kernel modules, I would tend to agree with that in general. But there is a whole class of problems that come from allowing third parties to push updates to your critical IT systems- kernel or not.
You’re right that Apple can get away with things Windows can’t. But in the case of kernel extensions, I think Apple has shown a valid path Microsoft should take.
It seems like their criteria for quality of life are poorly chosen if Texas is the worst quality of life state and is also the one with the most people moving to it.
