New Smart Meters - good idea gone wrong ?

kippen_noedel

darude wrote: »

From what I heard, data travels through a mobile network e.g. Vodafone. So in theory, if your mobile phone doesn't get hacked (we're not talking about Bluetooth), then your smart meter shouldn't get hacked.

It varies, some use good old wifi, some use sms, some over power lines.

Nine of which are that easy for people to intercept but of no difficulty for criminals to use the data.

eg, bypassing security
without taking more than a minute I can bypass basic WEP encryption for wireless networks on a PSP, never mind a decent laptop. NO, I don't abuse this, only as a tool to persuade customers to use WPA2. (basic WPA takes on average about an hour crack). Cracking WPA2 requires luck and a substantial amount of time.

There is readily available equipment to snoop on mobile calls and sms, in this country thankfully very expensive and a serious criminal offence to own never mind use.

Criminals have the time and money to purchase real experts to pursue their ends.

Point of all this is, manufacturers should by default use the best encryption and authentication methods currently available. They don't.

SwanJon

kippen_noedel wrote: »

Point of all this is, manufacturers should by default use the best encryption and authentication methods currently available. They don't.

Seeing as the big push for smart meters isn't due to start until 2012, and the suppliers/regulator have still to agree how these meters will work etc it's a bit harsh to say that the meters won't use the best avaiable to the manufacturers.

kippen_noedel

It's far from harsh, all companies are already trilling them & a couple of smaller ones are actively promoting their use as a "benefit" to customers.

I've seen far too often new technology too easily abused thru poor implementation of security and badly written code.

dunloadin

kippen_noedel wrote: »

It's far from harsh, all companies are already trilling them & a couple of smaller ones are actively promoting their use as a "benefit" to customers.

I've seen far too often new technology too easily abused thru poor implementation of security and badly written code.

Must be Dutch with a name like that.

It seems pointless to try to get info to disrupt a meter, that said, anything with a microchip and a modem seems fair game to hackers. I'm pretty sure that there will be systems in place to prevent it happening to smart meters...probably won't be long before their obsolete.

Problem is, you can build the best systems in the world, lay down the specifications and send them out to tender, but the cheapest bidder will always get the contract.

cc004-2

kippen_noedel wrote: »

New smart meters are vulnerable to abuse by hackers.

They can be reset remotely in the same way a worm can take over your computer.

If your utility company wants to install one ask if the data being transmitted is encrypted and does it have a built in authentication protocol.

The worst case scenario is that you can be disconnected and it's not that easy for your supplier to reconnect you.

Meters at risk are manufactured by the following companies

GE Energy, The ABB Group, Sensus Metering, Itron and Landis+Gyr

I work for a large company where I test the protocol layers used in the communications on smart meters. The majority of what you have posted is cobblers. The utility companies will know within minutes of you trying to do anything untoward either to the meter or the communications. They are also not in the habit of "loosing" meters from the remote reading systems - 'cus that loses them income, and they'll be straight round to your house to find out why.

Any data transmission system is vunerable to hackers. I can absolutely guarantee that any would-be hacker has the odds very well stacked against them while trying to decode or re-engineer any of the communications on the products I work with.