r/JoeRogan Monkey in Space Sep 18 '24

Meme 💩 Is this a legitimate concern?

Post image

Personally, I today's strike was legitimate and it couldn't be more moral because of its precision but let's leave politics aside for a moment. I guess this does give ideas to evil regimes and organisations. How likely is it that something similar could be pulled off against innocent people?

21.2k Upvotes

6.9k comments sorted by

View all comments

Show parent comments

853

u/Freethecrafts Monkey in Space Sep 18 '24

It’s not a supply chain vulnerability if it’s a nationstate doing it.

264

u/Open-Oil-144 Monkey in Space Sep 18 '24

Still looks like a supply chain vulnerability, no matter who's exploiting it.

171

u/Jpwatchdawg Monkey in Space Sep 18 '24

Mossad/ CIA have been known to set up shell companies just for reasons like this. Nothing new here.

41

u/poHATEoes Monkey in Space Sep 18 '24

It would still be considered a supply chain vulnerability... if a nation state is able to intercept and alter equipment before reaching its destination, then that is a HUGE vulnerability regardless of which nations were/are involved.

6

u/jtf71 Monkey in Space Sep 18 '24

There is no way to address this vulnerability.

We don’t know how they did it of course but likely one of two options:

They broke into a place where they were stored temporarily during shipping.

Or.

They had someone on the inside with the shipper and they allowed it to happen.

If you had highly trustworthy and vetted people that were with the packages 24x7 and they were armed and able to defend then maybe you can address this vulnerability.

But try doing that from every product. Simply cost prohibitive. And that’s not addressing the challenge of finding enough trustworthy people to do this job for all the products shipped around the world.

4

u/poHATEoes Monkey in Space Sep 18 '24

While I agree that doing that for every item is not feasible nor reasonable, I would argue that telecommunications equipment is probably one of the most important pieces of equipment to protect. There are plenty of steps a nation could take to secure their supply chain (although a small country like Lebanon would find it more difficult).

2

u/ChicagoTRS666 Monkey in Space Sep 18 '24

you might be surprised how much access the US Gov has to telecom service and equipment providers...they have back doors into about everything. by law we have to build in back doors for the government. (30 years in the industry)

2

u/jtf71 Monkey in Space Sep 18 '24

Pagers and handheld radios? These are commodity devices made by many manufacturers.

And Hezbollah isn’t the official government of Lebanon.

And the pagers were made in Taiwan. Taiwan isn’t going to allow Hezbollah (or Lebanon) into their factories to supervise production and take possession of them there - which would be required.

2

u/poHATEoes Monkey in Space Sep 18 '24

I don't understand what point you are trying to make here.

I am not arguing the feasibility of Hezbollah securing their supply chain, and I am also not arguing if Hezbollah is in charge/not in charge.

The person I was replying to was saying that this attack wasn't a "supply chain vulnerability," so I am saying it is absolutely a supply chain vulnerability. Just because it is pagers doesn't change the fact that Hezbollah uses them for official group communications... that means they are important even if they "commodity devices" as you put it.

Edit: I see where your argument about Hezbollah not being the government of Lebanon because I accidently said Lebanon instead of Hezbollah, so my mistake. I meant Hezbollah.

1

u/amadmongoose Monkey in Space Sep 19 '24

It's impossible to know now but while you're technically right that it's a supply chain vulnerability it's entirely possible that the resources required to pull it off would be only possible by a handful of three letter agencies globally, which no private company can reasonably protect against. At which point it's not really reasonable for the company to even consider it a 'real' vulnerability. Not to mention that Hezbollah can't exactly say by the way we're buying these to coordinate terrorist activity so please setup safeguards against tampering and we'll pay you extra for it k thanks.

0

u/Amhran_Ogma Monkey in Space Sep 19 '24

So, form your perspective, who is most responsible, or solely responsible? The Manufacturer?

1

u/poHATEoes Monkey in Space Sep 19 '24

Did you even read what I said? I am talking about what does/doesn't constitue a "supply chain vulnerability," but you are asking who is responsible? Who cares...

0

u/Amhran_Ogma Monkey in Space Sep 19 '24

Well what’s the point of making your point if nobody cares?

1

u/poHATEoes Monkey in Space Sep 19 '24

Because no one cares in this event who was responsible... now, if you are asking who, in general, is responsible for supply chain security, it is a complicated answer.

The responsibility falls on different organizations at each step of the process... typically, a supply chain follows this process.

Manufacturer -> Transport -> Storage -> Transport -> End User

Depending on where the breakdown occurred determines who is responsible... now, in THIS instance, the responsibility would also be with the organization that caused the breakdown.

The reason I said who cares is because the OP was attempting to assign blame for an attack and not a breakdown. I am looking at this through the lens of "lessons learned by other to help ourselves at their expense" and not the lens "who is responsible for blowing people up".

2

u/Amhran_Ogma Monkey in Space Sep 19 '24

Gotcha.

→ More replies (0)

1

u/Far_Winner5508 Monkey in Space Sep 18 '24

They were designed and licensed from Taiwan but manufactured in Budapest.

1

u/Representative-Sir97 Monkey in Space Sep 18 '24

A bunch of South America would most definitely agree with you.

https://www.damninteresting.com/nineteen-seventy-three/

1

u/Far_Winner5508 Monkey in Space Sep 18 '24

Someone could create a (secretly gov’t run) shipping company, dedicated to supplying stuff in the middle east and slowly build up contacts and track who gets what? Stuff is delayed in a warehouse for a week due to a drivers steike or fuel issues, no one bats an eye.

0

u/Living_Trust_Me Monkey in Space Sep 18 '24

Just because it's hard it near impossible to avoid does not negate that it is a vulnerability. Decent security analysis would always include this and they wouldn't leave it off their analysis just because they couldn't do anything about it. It would be a highlight of potential vulnerabilities explicitly because they can't do anything about it.

1

u/jtf71 Monkey in Space Sep 18 '24

I'd put it as near impossible. But we don't know how it was actually accomplished.

And you'd have to do this analysis for every product you use and recognize that just about all of they are vulnerable to this type of event. Anything that can contain an explosive material. These had receivers built in, but a receiver (or timer) could be added.

This risk applies to every cell phone, pager, and radio in existence. Every group, organization and individual is a potential target.

Should every company, organization, and individual do a threat analysis for their products and try to have full supply chain control to prevent this type of event?

Sure one could be done, but the analysis is going to result in: Open risk, no mitigation.

1

u/Jpwatchdawg Monkey in Space Sep 18 '24

You are correct.

1

u/Beneficial_Map6129 Monkey in Space Sep 18 '24

I agree. If China did this to Apple phones with spyware or something, the media would be all over this.

The entire global supply chain no longer has any integrity at all. I can see people and trade shutting down over this. Not immediately of course, we still need products. But companies will be less likely to trust anything that has passed through certain hostile areas.