Smart Meters?

September 1, 2009

Back in June, I posted a note about the development and potential deployment of “smart” electric meters, and the possibility that they would introduce a new set of security concerns.  It also mentioned a forthcoming presentation on the topic, at Black Hat, by Mr. Mike Davis of IOActive.

The Technology Review has now published a short article summarizing some of the results from Mr. Davis’s work.  It appears that there are some significant vulnerabilities:

At a recent conference, Mike Davis, a senior security consultant at the Seattle-based research company IOActive, gave a presentation on a proof-of-concept cyber attack that could potentially allow an attacker to shut off large numbers of meters remotely.

It appears that there are several attack vectors, including a direct physical analysis of the meter’s memory and digital radio components, and a “man in the middle” attack via its wireless networking.  It is also apparently possible to devise a network worm that can be spread among similar meters:

To demonstrate his attack, Davis crafted a piece of malware that could self-replicate to other meters, allowing an attacker to shut them down remotely. In simulations, Davis showed that if his worm were released in an area where all the houses were equipped with the same brand of meter, the worm could spread to 15,000 homes in the space of 24 hours.

It is also possible that the meters can be hacked to under- or over-report electricity consumption.

Perhaps it is better in other places, but our electric utility already has a capability to make the pwoer go off that is excess to my requirements.   I’d just as soon they not get any more ways to screw it up.

Opera Releases Version 10

September 1, 2009

Opera Software ASA has released the latest version of their Opera Web browser, version 10.0.  This version incorporates a number of new features, including an expanded auto-update mechanism and a “Turbo” feature to speed up browsing on slow connections, as well as security and stability enhancements.  You can download the new version here, and the change logs are here.  Opera is available for Windows, Mac OS-X, Linux, FreeBSD, Solaris, OS/2, QMX, and BeOS platforms.

If you are looking for an alternative browser, Opera deserves a look.  It is fast and very standards-compliant.  Like the old Netscape and original Mozilla browsers, it incorporates an E-mail client as well.  There is a brief review of Opera 10 at the Washington Post Web site.

%d bloggers like this: