Forgot your password?
typodupeerror
Privacy Power Wireless Networking Your Rights Online

Some Smart Meters Broadcast Readings in the Clear 138

Posted by Unknown Lamer
from the find-out-who-hates-the-planet dept.
alphadogg writes "University of South Carolina have discovered that some types of electricity meter are broadcasting unencrypted information that, with the right software, would enable eavesdroppers to determine whether you're at home. The meters, called AMR (automatic meter reading) in the utility industry, are a first-generation smart meter technology and they are installed in one third of American homes and businesses. They are intended to make it easy for utilities to collect meter readings. Instead of requiring access to your home, workers need simply drive or walk by a house with a handheld terminal and the current meter reading can be received." Perhaps more distressing, given trends in 4th amendment interpretation, I bet the transmissions are open game for law enforcement.
This discussion has been archived. No new comments can be posted.

Some Smart Meters Broadcast Readings in the Clear

Comments Filter:
  • by Sarten-X (1102295) on Monday November 05, 2012 @08:29PM (#41888437) Homepage

    Or a thief could just go jogging around the block for a while in the morning.

    Reconnaissance on a big public target like a house is trivially easy, even without exploiting new technology, but let's all go ahead and panic now that it's been brought to our attention.

  • Re:Not home? (Score:3, Informative)

    by Spy Handler (822350) on Monday November 05, 2012 @08:31PM (#41888465) Homepage Journal

    The tools were simple: a $1,000 Universal Software Radio Peripheral software-defined radio, an amplifier, and the freeware GNU Radio software, plus of course, the team's knowledge of wireless protocols and data processing.

    Yeah really, it's not like home burglars are gonna buy this equipment, enroll in CS/EE courses at the local university, and learn wireless protocols so they can figure out if the owner is home before they rob it.

    The submitter's distress over 4th amendment rights is equally stupid. If the spooks and cops wanna know your power usage, they can just pick up the phone and call the power company.

  • by Copperhamster (1031604) on Monday November 05, 2012 @09:14PM (#41888879)

    I know something about these meters. First of all, they give you the current meter reading in KWH, not how much current is currently in use; you would have to take multiple samples to get that.
    Second of all, they are very omnidirectional and have a reasonable range, so someone can read them from the street on most houses. Which means they get several houses with any reader. The unique identifier is easily determinable, in our case it's stamped on the back side of the meter, all you have to do is pull it off the base and check it. The meters are programmed with a route and subroute number, and respond to an unencrypted transmission asking for their info by broadcasting it.
    As far as the 4th amendment is concerned, the police would need a warrant to get all the bits and pieces together to connect a particular meter with a particular house in the first place.
    Finally, the readers cost us roughly $8k each. While I'm sure it's doable cheaper, I don't see people putting that kind of effort into this. Especially as the same info can be gotten by walking up and looking at the meter. While I certainly have my concerns of security for real 'smart meters' these are not what we should focus on.

  • by EmagGeek (574360) <gterich@aol.cTWAINom minus author> on Monday November 05, 2012 @10:11PM (#41889427) Journal

    Pot farms usually bypass their meter so their high usage doesn't show up. Utilities already report irregular usage to Law Enforcement based on their normal readings. There's no need for LE to go war driving. The utilities furnish that information already.

  • by Anonymous Coward on Monday November 05, 2012 @11:20PM (#41889911)

    There is already a cheap way to do that for digital SLR camera using photographic film to block visible light. My hobbyist friend does it to take infrared photography. It is so amazing how the world looks in infrared: http://en.wikipedia.org/wiki/Infrared_photography

  • by icebraining (1313345) on Tuesday November 06, 2012 @06:16AM (#41891669) Homepage

    That is not the wavelength you're looking for. Cheap cameras can see into the near infrared, not the mid/long infrared of thermal imaging.

  • Re:Not home? (Score:4, Informative)

    by AmiMoJo (196126) * <mojoNO@SPAMworld3.net> on Tuesday November 06, 2012 @08:41AM (#41892213) Homepage

    I develop similar products for the water industry, and we actually looked at interoperability with meter reading equipment, so I know of what I speak.

    You don't really need a $1000 SDR. In fact a cheap $20 one off eBay will work, but actually all of this kit uses a small number of widely available radio chipsets (e.g. Texas 11xx range), usually on 868MHz or sometimes on one of the reserved meter reading bands. Often the protocol is wireless MBUS, sometimes it is a simple proprietary one.

    You can buy modules with amplifiers built in for $20, and then you just need a good antenna and some programming knowledge. It wouldn't be hard to develop a little device that reads the data, just like the ones the power company uses, and sell it for say $200. No skill required to use it. The only plus side is that they don't usually transmit the property address with the power consumption data, only a customer ID or something like that, so it could be hard to tell which reading belongs to which house.

Those who can, do; those who can't, simulate.

Working...