• lemmyman@lemmy.world
    link
    fedilink
    arrow-up
    25
    arrow-down
    2
    ·
    2 months ago

    I would love to see a detailed technical explanation for how this would be possible.

    I design battery-powered electronics for a living and I can’t think of any design that would let a battery explode with the violence these did, let alone on command. Unless it were deliberate.

    • steventhedev@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      2 months ago

      Best I can get is figuring out a way to reuse some pins on the uc to isolate two or three caps to use as voltage pumps and then dump the whole thing at once into the battery.

      I somehow suspect Electroboom is going to get a lot of new viewers in the next few days

      • comador @lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        2 months ago

        Reading a bit more into it, seems all of them were Motorola Apollo Gold pagers (I stand corrected), so they had to have exploited the li-on charging pins to either create a loop causing thermal runaway, or spam different voltage discharging signals via their payload. Regardless, it’s a truly impressive exploit.

    • comador @lemmy.world
      link
      fedilink
      arrow-up
      5
      arrow-down
      4
      ·
      edit-2
      2 months ago

      Here’s your detailed tech possible explanation with citations:

      Pagers known used in the attack were Apollo Gold AP-700, AP-900 and AP-924, which all use the same ALA25 programmable logic chip.

      If you google the Gold Apollo AL-A25 Programming Manual and look for battery gauge inputs, you can see it is possible to program the voltage ranges.

      By setting the battery gauge level-high to an invalid selection that is also greater than the low level it creates a bridge between the anode and cathode, resulting in thermal runaway which will in fact cause the battery to overload and explode due to the increased temperatures.

      We’ve done this using similar batteries on battery backed write cache controllers sitting in a nema-3 enclosure just to see what the tolerances are.

      Edit Citations:

      https://www.mitsubishicritical.com/resources/blog/thermal-runaway/

      https://www.apollopagers.com/support/al-a25-gold-pc-programming-manual/

      https://www.manualslib.com/manual/1198103/Gold-Apollo-Al-A25.html?page=23&term=voltage&selected=1#manual

      Programmable chip responsible:

      GAPOLLO AL-A25_6 RA5794.1 chip = AP-900 and AR-924 models

          • nova_ad_vitum@lemmy.ca
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            2 months ago

            By setting the battery gauge level-high to an invalid selection that is also greater than the low level it creates a bridge between the anode and cathode, resulting in thermal runaway which will in fact cause the battery to overload and explode due to the increased temperatures.

            First part of this is gibberish. Second part is just describing a short of the battery, which will destroy it, but is completely inconsistent with video footage which shows small high explosive charges going off. That is not how battery shorts happen. This was not done in software, there were actually explosives installed in the devices as reports are starting to now state. But you know, good job on the sheer volume of words you wrote.

            • comador @lemmy.world
              link
              fedilink
              arrow-up
              2
              arrow-down
              3
              ·
              2 months ago

              Surprised you responded, I’ll respond back later when I get home so I can share the level of detail it is I am talking about.

              • nova_ad_vitum@lemmy.ca
                link
                fedilink
                arrow-up
                4
                arrow-down
                2
                ·
                2 months ago

                Nothing you say will make a lithium ion battery into a high explosive. There is no combination of words you can say that will make that true.

                • comador @lemmy.world
                  link
                  fedilink
                  arrow-up
                  2
                  arrow-down
                  2
                  ·
                  2 months ago

                  So wait, you come storming in trolling fake bs fake. Then I come back with citations that I sincerely forgot, you then respond with zero evidence to the contrary to “educate me” and go out of your way to just shut down, cross your arms and pout?

                  Yeah. really, sincerely, you have zero ethics.

                  • nova_ad_vitum@lemmy.ca
                    link
                    fedilink
                    arrow-up
                    4
                    arrow-down
                    1
                    ·
                    edit-2
                    2 months ago

                    Your citations aren’t relevant . Link dumping nonsense isn’t an argument. This attack was done through hardware manipulation, not merely software on otherwise normal hardware. Nothing you said even begins to refute that. There are millions of videos of Lithium Ion battery thermal runaway and none of them look anything like the videos of these pagers exploding. You’re just wrong. Take the L bruh.

    • Badabinski@kbin.earth
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      2 months ago

      Same here. Like, there has to be some kind of specific vulnerability in these pagers, right? You can’t just “heat up the battery,” you need something that will actually use the power. If the pagers weren’t compromised between the manufacturer and the recipients, then there’s some major fuckery afoot.