How About Privacy and Hackability?

Many smart electric meters in the US use the 900 MHz band to broadcast their usage out to meter readers as they walk the neighborhood. [Jeff Sandberg] used an RTL-SDR dongle and some software to integrate this data into his own home automation system, which lets him keep track of his home’s power usage.

Half of the comment section was appalled that the meters broadcast this data in the clear, and these readers thought this data should be encrypted even if the reach is limited to the homeowner’s front yard. But that would have stopped [Jeff] from accessing his own data as well, and that would be a shame. So there’s clearly a tradeoff in play here.

We see this tradeoff in a lot of hardware devices as well – we want to be able to run our firmware on them, but we don’t want criminals to do the same. We want the smart device to work with the cloud service, but to also work with our own home automation system if we have one. And we want to be able to listen in to our smart meters, but don’t necessarily want others to do so.

The solution here is as easy as it is unlikely to be implemented. If the smart meters transmitted encrypted, each with their own individual password, then everyone would win. The meter reader would have a database of passwords linked to meter serial numbers or addresses, and the homeowner could just read it off of a sticker, optimally placed on each unit. Privacy and usability would be preserved.

This issue isn’t just limited to electric meters. Indeed, think of all of the data that is being sent out from or about you, and what percentage of it is not encrypted and should be, but also think about what data is sent out encrypted that you could use access to. The solution is to put you in control of the encryption, by selecting a password or having access to one that’s set for you. Because after all, if it’s your data, it should be your data: private and usable.
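
The per-meter password scheme proposed above, as an added Node.js example that is not code from the article or from any meter vendor. It assumes AES-256-GCM for the broadcast, an HMAC-SHA-256 derivation standing in for the utility's password database, and a made-up frame layout; the function names, serial numbers and master secret are constructed for illustration.

```javascript
const crypto = require('crypto');

// Utility side: derive each meter's AES-256 key from one master secret and the
// serial number, so the "database of passwords" can be regenerated per meter.
// The derived key (never the master) is what the sticker would carry.
function meterKey(master, serial) {
  return crypto.createHmac('sha256', master).update(`meter-key|${serial}`).digest();
}

// Meter side: AES-256-GCM gives confidentiality plus an integrity tag.
// Frame layout (an assumption): 12-byte nonce || ciphertext || 16-byte tag.
function sealReading(key, serial, reading) {
  const nonce = crypto.randomBytes(12); // must never repeat under one key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(serial)); // bind the frame to this meter
  const body = Buffer.concat([cipher.update(reading, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, body, cipher.getAuthTag()]);
}

// Reader side (utility or homeowner): returns the reading, or null when the
// key is wrong, the serial does not match, or the frame was altered.
function openReading(key, serial, frame) {
  if (frame.length < 12 + 16) return null;
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, frame.subarray(0, 12));
  decipher.setAAD(Buffer.from(serial));
  decipher.setAuthTag(frame.subarray(frame.length - 16));
  try {
    const body = frame.subarray(12, frame.length - 16);
    return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // authentication failed
  }
}

// Constructed sample values, not real meter data.
const MASTER = Buffer.from('constructed-utility-master-secret');
const stickerKey = meterKey(MASTER, '12345678');
const frame = sealReading(stickerKey, '12345678', '48213 Wh');

console.log(openReading(stickerKey, '12345678', frame));                   // owner's key
console.log(openReading(meterKey(MASTER, '87654321'), '12345678', frame)); // neighbour's key
```

Because every meter has its own key, a sticker that leaks exposes that one meter's readings only; the master secret stays with the utility.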

32 thoughts on “How About Privacy and Hackability?”

  1. Simple fix

    Use NFC so you have to have a reader in close range, and NFC/RFID works just as good to tell how many kilowatts in a month they are charging you

    And you can just add some overly strong encryption like 2048bit something nobody gonna want to hack.

    Water meters here already use NFC

    They have the coil on the lid so you don’t even need to open the meter, just hold a coil on a stick and walk over em

      1. Back in the day they used analog meters with a synchronous ac motor

        You could fuck with the wiring inside your house, and create an lc circuit that could slow the meter, or even run the meter in reverse.

        Now they charge for apparent power not absolute power, or a ratio of both

    1. Just the opposite has been the plan for years. The model for AMI (Automated Metering Infrastructure) is to move away from walk by/drive by short-range systems to fixed-based systems with localized data collectors that tie back to the utility’s billing computer system. That removes the human error from the readings (most people cannot accurately and repeatably read a gas meter index, even when trained). No more meter readers, the technicians get to spend more time on maintenance and installation, and the utilities require fewer employees. The system pays for itself.

      Elliot, you need to re-read this and rethink your idea here. Why would you place data under a lock and key then give the key away to EVERYONE who walks up to the meter and looks at it? Why encrypt or password the data in the first place? It’s not like that information is useful to anyone else but the user (utility or homeowner), but to go to the effort of securing it OTA but leaving the keys to the lock in the open doesn’t make sense. Just don’t encrypt the reading in the first place, allow the end user to have open access.

      1. Heh. Our gas utility has cornered me into manually getting and submitting my meter reading to them monthly. They achieved this by repeatedly overestimating for the months they don’t read (eg estimating $500 for a month that historically we never consumed more than $200 worth.) It does eventually balance out, but of course we’d be penalized and hurt our credit rating if we don’t pay the whole $500.

        Great system.

      2. >It’s not like that information is useful to anyone else but the user (utility or homeowner)
        It is useful information to know when to burgle without sitting and watching, or just using the website which used to have a default password of PowerCo1234.

        > If the smart meters transmitted encrypted, each with their own individual password,
        This is exactly what the current one in our factory does. The data through the IR port used to be plaintext, but is now encrypted. You can (theoretically) get the key from the metering company if you want to jump through some hoops.

        It was easier for me to count the 100 pulse/kWh led flashes, than get the key and read the data.

    1. Smart meters aren’t cheap – having this implemented as an industry standard would mean economies of scale resulting in adding at most a penny or so to the production costs.

      There are widely deployed smart meters that use ZigBee (specifically, the ZigBee Smart Energy standard, which exists specifically for this type of use), which offers the same or better level of information security as this would, and certainly costs more to implement, so, if utilities are willing to pay for that, there is really no economic reason why they wouldn’t accept a cheaper alternative.

      I would personally prefer if the industry just standardized on ZigBee, as it’s an established protocol that’s already out there and been demonstrated to be a viable option – also, my house is full of ZigBee devices already.

      It would require a bit more effort to access the data – from what I’ve heard, you need to contact your utility company and they have to allow your ZigBee hub/router access, but it’s a one time thing, and a lot more polished of an experience.

  2. This is an almost solved problem with the meters my utility uses. The broadcast to the utility is 6LoWPAN and they have nodes on the utility poles on the mesh that then forward the meter readings over cellular. The meters then have Zigbee for local access. Only problem is they don’t allow joining it to a network or publicize the Zigbee protocol they use. The meter is made by Itron.

    1. You can often contact your utility and have them register your Zigbee device as a HAN (home area network) endpoint. This will allow you to access the (encrypted) Smart Energy Profile data from your smart meter. The Itron meters do use a mesh network that is secured and encrypted over multiple layers. I speak from experience having been involved in the team that deployed the meter network and security infrastructure at a large utility in the U.S.

  3. Please go read the preface to _Secrets and Lies_ by Bruce Schneier:

    https://www.schneier.com/books/secrets-and-lies-pref

    Two pull quotes:

    “The result wasn’t pretty. Readers believed that cryptography was a kind of magic security dust that they could sprinkle over their software and make it secure.”

    “I learned to look beyond the cryptography, at the entire system, to find weaknesses. I started repeating a couple of sentiments you’ll find throughout this book: “Security is a chain; it’s only as secure as the weakest link.” “Security is a process, not a product.””

    Another good essay is “Risks of Relying on Cryptography”:

    https://www.schneier.com/essays/archives/1999/10/risks_of_relying_on.html

    in which he talks about side-channel attacks.

    Both are more than 20 years old.. ancient by technology standards.. so there’s no excuse for continuing to push the “encryption is an easy way to make things safe” myth.

    Instead, let’s try to encourage real security analysis: What’s the cost of having this information exposed? How long will the information have meaningful value? What’s the probability of an attack? What’s the attack surface, and what other attack vectors exist?

    I’m afraid this one sounds like putting a $100 lock on a door next to a plate glass window, on a toolshed somewhere in Wyoming.

    1. This is about a specific issue – people being unhappy with their meter broadcasting their usage data in a format anyone with $20 worth of hardware or less can capture and view.

      Encrypting that data effectively solves *that* issue entirely, easily and simply.

      Are there other ways unwanted individuals could access that data? Sure. This is the equivalent of putting some curtains on your bedroom window – if someone is determined to see you naked, they’ll find another way; but at least you’re no longer showing off your privates to anyone walking by looking in the window.

      Does anyone actually have even the slightest interest in capturing your power usage? In the vast majority of cases, I would think not. Maybe if you have a REALLY nosy HOA?

      But that doesn’t really matter. The issue is people being uncomfortable with it being broadcast openly, not people abusing the access that provides. Even if the latter never occurs, it isn’t relevant to the former. Encryption provides a solution to the former, without imposing any undue burden on anyone else. There is simply no reason not to do it.

      Encrypting the data is something that should be a basic standard when any private data is open to public capture, regardless of its importance. It doesn’t create an impenetrable barrier around it that can never be breached, but rather one of the foundational measures you can build on. Sort of like having a basic lockable doorknob on your bathroom door: anyone who really wants to get in will still likely be able to do so, but they can’t just waltz right in.

      1. It is really easy to check the “has encryption” checkbox and have no meaningful privacy benefit. For example, just encrypting the data (like https/SSL) does not bring any benefit without some sort of authentication or clever key management. Sure nobody can snoop on you reading the data, but they can still read the data themselves with their own encrypted transaction. Yet, the requested encryption feature is present and following industry standards….

      2. Thing is, nobody is listening in on the data you’re broadcasting. It’s only those who are determined and have a reason that even have any equipment to read your smart meter without your permission.

        People are being uncomfortable for the wrong reasons. It’s not a case of “locks keep honest people honest”, because the honest people aren’t even aware of the door.

        The real security threat in this case is those people who ARE determined to break in for some reason. They also have other attack vectors that serve the same point.

  4. Another option would be to broadcast the same data twice, one with the meter company encryption key and one with the customer’s encryption key. But that too would be going out of the way to provide a service that very few people would actually use. Another use case system would be to let the meter join the home’s wireless network and join the crowd of “smart” IoT devices.

  5. > “Because after all, if it’s your data, it should be your data: private and usable.”

    But is it really your data? Or does it belong to the company that you made a transaction to get a resource?

    While I am a proponent of personal privacy, I don’t believe you own this data in this case. While it is data about you, it is not your data. This is more akin to a credit card transaction, while you get a receipt from the transaction, so does the merchant (and credit card company). While you can destroy your receipt you have little power over how the other parties will use the data (other than outright fraud/ID theft).

    Maybe some legislation would help (although I wouldn’t hold my breath, and doubt it would be the right legislation on the first attempt)…

    1. That’s an interesting take with a lot of merit. I’ll propose another, without much forethought behind it. That data is jointly owned by you and the utility company. You generated the data by creating the utility usage environment, but you could not do so without the company providing electricity.

      It is obvious that both the utility customer and the utility company have vested interest in this data.
      The data is a necessity for the utility to determine billing and capacity planning needs, but also for you to know that you are being accurately billed and to gain insight into your usage and ecological footprint.

      The challenge is that the legal frameworks that the world operates under don’t really provide for joint ownership of data, so in every case where it would make sense we default to the more powerful entity owning it. Then we wonder why we get “a free year of credit monitoring” so many times each year as those entities fail to protect it.

  6. Millions of people have signed up for supermarket loyalty cards. This allows the store to track and sell a record of their purchases in turn for lower prices. Where is the cost savings for having your personal utility consumption broadcast to the world?

    1. >in turn for lower prices

      No such thing happens. Any persistent discount is offset by having higher prices to begin with – to extort those outside of the loyalty program to join in. The company won’t make a loss either way.

  7. Unencrypted broadcasting is an issue?
    People that carry around a cell phone and allow their cell provider to sell their location in real-time for pennies are suddenly paranoid that someone will be able to reverse engineer some info from their energy usage?
    These people give garbage free apps unnecessary permissions to things like microphones, location, camera, social media, etc and are worried that someone might wirelessly read a meter from a distance that they could read it traditionally?
    Just out of curiosity, do these people prevent someone with binoculars from reading their meter by placing a cover over it?
    These people are the ones that make public social media posts about every minutia of their life, right? The same ones with inward-facing security cameras without encryption or cameras that use a default password?
    People who have data-mining microphones like Alexa listening all the time and sign the worst EULAs imaginable? These people?
    The ones with an unencrypted Bluetooth link between their smartwatch and phone?
    The ones who give Amazon a code to open their house door and drop off a package INSIDE the house?
    Look within your own buying habits before putting on this performative security theater.

  8. Could we have an optoisolated uart, please? Three-pin connector, documented protocol, attach whatever you please.

    Same for the various smart crap. A LG washing machine requires a stupid amazon cloud, with MQTT. No reason why said MQTT messages couldn’t be exposed via such interface. Serial-to-ethernet/wifi/bluetooth/whatever, a shim of python code, no additional cost for the vendor other than putting out a pdf with the protocol.

    Could the Wise Men of European Council be actually useful and push this instead of pointless carbophobia?

  9. All electrical energy meters in Norway (and probably currently most of Europe) have been replaced with smart meters. Data to grid owners is (wireless) encrypted, but house/meter owner can get access to “real time” data from a standard (un-encrypted) physical M-bus interface on the meter.

    There are several third party dongles to read data from this interface.

  10. I installed the Itron end points. There were a few dark spots in town that required an additional antenna to boost signals from behind hills. What wasn’t explained was how batteries were going to be replaced, they were under a gel layer.

    1. I’m guessing you are talking about the gas meters? The batteries in those are spec’d to last 20 years. They only send periodic updates to the “host” meter. They do not send real-time data. I don’t remember what the change in lifespan is supposed to be with an extension antenna. But I don’t recall it being extreme.

  11. It’s articles like this that really make me wish my electric meter was one of these that broadcast some sort of usable data. Is there a database of meters and if it’s possible to access data like this?

  12. I can only imagine that this article is talking about SCADA data, which is not encrypted. It’s also not limited to “smart” meters. Most of which use proprietary encrypted communications that absolutely cannot be picked up by anyone with $20 worth of hardware. The older analog meters however can be read and monitored by anybody that has line of sight and possibly some magnification.
