Comment by matthewdgreen
5 months ago
The novel information in this article (confirmed by some technical experts on other platforms) is that this kind of SMS scam relay is a well-known sort of enterprise. I wasn’t aware of this, although it doesn’t surprise me. Once you have that context, the rest of the NYT article kind of falls apart by itself.
I wouldn’t say the NYT article falls apart it is just less sensationalistic. Very likely as this substack article suggests that these SIM farms do knock out SMS from time to time because they DDoS the tower. So that part is correct. Nation state ? Ok maybe far fetched. These farms are not out of reach of a normal person who over time purchases the technical pieces. It’s an investment.
The NYT article fell apart the moment they quoted the silly "35 miles from UN headquarters" quote by the SS without pointing out it's an absurd attempt at sensationalizing. No need to read further than that before figuring out it's a propaganda piece.
That's the figure that has been cherry picked and everyone has run with to dismiss the announcement yes. While it probably was included to sensationalize, I fail to see how that is some kind of smoking gun that somehow falsifies all the rest of it. Everyone buying into this is showing their bias
9 replies →
DDoS the tower? These look like they represent less than the aggregate crowd at MSG, or even a fairly dense office building (of which there are plenty in NYC). Didn't seem like enough to launch a coordinated DDoS attack. Also, just from looking at the base units, it appears the ratio of SIMs to radios/antennas is Many:1, so not all SIMs can be leveraged in a DDoS at any singular time.
Somehow I doubt telecom infrastructure in NYC is susceptible enough to completely drop service citywide when under attack from one DDoS source. In fact, I suppose this is technically just DoS, because all these SIMs should be served by 1, maybe 2 towers.
I don’t know whether it’s possible with modern networks, but it was basically impossible to DDoS a tower with SMSs. Either the tower was unavailable at all times even without text messages, or SMSs never caused a problem. You couldn’t even send many text messages at once, it took a while to send say 50 SMSs, like minutes. I know that the tech stack is different nowadays, but it really depends on prioritisation, which I don’t know much about.
Ok, that makes sense. I couldn't quite fish that out of the article (there's a lot more being said that obscures it), but you're right. If this is indeed relatively common (at this scale and/or level of sophistication), then that definitely would make it much more likely that this is a PR stunt. Not completely settled, but much more likely.
Article's subheading is "it's just an ordinary crime". It seem comparable to a situation where you have a gang with a huge weapon cache that gets found and the press says "enough fire power to outgun the police" and someone says "dude, they weren't aiming for the police, just their rivals".
Sure, the press may put a "threat to the nation" spin on things that might be a bit sensational. But the "you're making something out of nothing" claims seem to do the opposite. Criminals with the ability to cause widespread chaos seem worrying even if their may motivation is maintaining their income stream.
That sounds plausible, but could you link to those technical experts? I never heard of the author of this blog and he’s all “trust me I’m a hacker.”