Oh-oh

The designers of your new 'smart' electricity meter are as dumb as a rock:

New electricity meters being rolled out to millions of homes and businesses are riddled with security bugs that could bring down the power grid […]. The so-called smart meters for the first time provide two-way communications between electricity users and the power plants that serve them. Prodded by billions of dollars from President Obama's economic stimulus package, utilities in Seattle, Houston, Miami, and elsewhere are racing to install them as part of a plan to make the power grid more efficient. Their counterparts throughout Europe are also spending heavily on the new technology. There's just one problem: The newfangled meters needed to make the smart grid work are built on buggy software that's easily hacked, said Mike Davis, a senior security consultant for IOActive. The vast majority of them use no encryption and ask for no authentication before carrying out sensitive functions such as running software updates and severing customers from the power grid.

(From The Register via !='s Absolute power shuts off absolutely (with emphasis added))

Anyone seen one of these yet? This part doesn't sound fun:

To prove his point, Davis and his IOActive colleagues designed a worm that self-propagates across a large number of one manufacturer's smart meter. Once infected, the device is under the control of the malware developers in much the way infected PCs are under the spell of bot herders. Attackers can then send instructions that cause its software to turn power on or off and reveal power usage or sensitive system configuration settings.

This entry was posted in Sufficiently Advanced Technology. Bookmark the permalink.