At the 28th Chaos Computing Congress (28c3) hacker conference in Berlin, Germany, researchers presented a talk titled “Smart Hacking for Privacy” in which they looked into the privacy implications of “smart” electricity meters.
In Germany, consumers who wish to contract with independent smart meter providers can have one installed in their home via a subscription similar to the one you might agree to for a free cellular handset from a mobile phone company.
The researchers, Dario Carluccio and Stephan Brinkhaus, signed up with a company called Discovergy to see what type of information these meters collect, whether they were as secure as the company promised and what they might be able to determine from consumption patterns.
Discovergy’s website made three promises about the security of their devices: the web interface to access your consumption data used HTTPS to ensure no one could snoop on your sessions, the data relayed back to Discovergy was encrypted and signed to prevent forged data, and all of this had been confirmed by independent experts.
These claims mysteriously vanished from their website before the presentation was delivered on December 30, 2011.
The Discovergy website’s SSL certificate was misconfigured and presented them with an invalid certificate warning; the site then redirected them to an HTTP URL where the data and password were transmitted in clear text across the internet.
The web interface only allows customers to see the last three months of data, but because of the insecurity of the communications, they were able to demonstrate that data from the entire life of the device was in fact being stored on Discovergy’s servers.
Since the claim that traffic was encrypted and signed was untrue, they were able to intercept the communications using their router and forge incorrect readings back to Discovergy, which at one point showed their minimum consumption to be -106610 kWh.
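As an added illustration (not code from the talk or from Discovergy), the sketch below shows the kind of check the promised signing would have enabled on the collecting side. It uses HMAC-SHA256 with a per-meter key as a stand-in for the signing scheme, and the message fields, key store and `Collector` class are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Constructed demo key; the per-meter key store is an assumption of this example.
METER_KEYS = {"meter-001": b"constructed-demo-key"}


def sign_reading(meter_id, seq, total_kwh, key):
    """Meter side: canonical JSON body plus an HMAC-SHA256 tag over it."""
    body = json.dumps({"meter": meter_id, "seq": seq, "total_kwh": total_kwh},
                      sort_keys=True, separators=(",", ":")).encode()
    return body, hmac.new(key, body, hashlib.sha256).hexdigest()


class Collector:
    """Server side: accept a reading only if authentic, fresh and plausible."""

    def __init__(self, keys):
        self.keys = keys
        self.last = {}  # meter id -> (seq, total_kwh) of the last accepted reading

    def accept(self, body, tag):
        try:
            msg = json.loads(body)
            meter = msg["meter"]
            key = self.keys[meter]
            seq, total = int(msg["seq"]), float(msg["total_kwh"])
        except (ValueError, KeyError, TypeError):
            return "rejected: malformed or unknown meter"
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        # Constant-time comparison; the tag covers the exact bytes received.
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return "rejected: bad authentication tag"
        prev_seq, prev_total = self.last.get(meter, (-1, 0.0))
        if seq <= prev_seq:
            return "rejected: replayed or out-of-order"
        if not total >= prev_total:  # also catches NaN
            return "rejected: cumulative counter went backwards"
        self.last[meter] = (seq, total)
        return "accepted"
```

A reading altered in transit fails the tag check, and even a correctly tagged reading is refused when the cumulative counter moves backwards, so a negative consumption figure never reaches billing.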
The last concern they expressed was that these smart meters were monitoring their power usage in two-second intervals. They were curious what type of information they could determine about someone with such fine-grained measurements.
They tested different appliances to demonstrate the unique signatures their power consumption shows on the two-second interval graphs. This data could identify when the refrigerator was running, when you may be home or away or even sleeping.
They then looked at electrical usage of plasma, LCD and CRT televisions and could see differences in power consumption based on the brightness levels displayed for different scenes in TV shows and movies.
You can clearly see a discernible pattern of power usage that uniquely fingerprints this film. The researchers conclude that two seconds is a bit intrusive to privacy and unnecessary for the stated goals of the smart meter companies.
During the question and answer period the CEO of Discovergy, Nikolaus Starzacher, stood up and came onto the stage. He expressed his appreciation to the researchers for drawing attention to the problems they found and vowed to resolve them as quickly as possible.
He explained that one of the reasons for using the two-second polling interval was to provide services like notifying you if you left the house with the iron or stove on by accident. He promised to make the data collection interval configurable in the future for more privacy-conscious consumers.
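To show why a configurable interval matters for privacy, here is an added example (not the researchers' or Discovergy's code) that averages a two-second trace into coarser reporting windows and counts how many load steps remain visible. The trace is constructed data with a made-up brightness pattern, and the 10 W threshold is an assumption.

```python
def constructed_trace(n_samples=1800):
    """Constructed data: one hour at 2 s; 230 W floor plus a display load that
    follows a made-up scene brightness changing every 30 s."""
    trace = []
    for i in range(n_samples):
        scene = i // 15
        brightness = (scene * 4 % 11) / 10  # deterministic pattern, 0.0..1.0
        trace.append(230.0 + 120.0 * brightness)
    return trace


def aggregate(samples, src_interval_s, dst_interval_s):
    """Average fixed-interval samples into coarser reporting windows."""
    if dst_interval_s % src_interval_s:
        raise ValueError("target interval must be a multiple of the source interval")
    n = dst_interval_s // src_interval_s
    full = len(samples) - len(samples) % n  # drop a trailing partial window
    return [sum(samples[i:i + n]) / n for i in range(0, full, n)]


def visible_steps(series, threshold_w=10.0):
    """Count consecutive changes larger than threshold_w watts."""
    return sum(1 for a, b in zip(series, series[1:]) if abs(b - a) > threshold_w)


def leakage_by_interval(trace, intervals_s=(2, 60, 900)):
    """Map each reporting interval to the number of load steps still visible."""
    return {s: visible_steps(aggregate(trace, 2, s)) for s in intervals_s}
```

On this constructed trace every scene change is visible at two seconds, while 15-minute averages differ by only about a watt from one window to the next.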
One of the reasons I enjoy conferences like Black Hat, DefCON and Chaos Computing Congress so much is the opportunity for industry to learn from their mistakes and consider the hacker mindset.
It appears the outcome of this talk will be beneficial to the entire smart meter industry, if they are listening, and it appears that Discovergy are taking the feedback to heart.
Want to know more about smart meter privacy? Listen to this podcast where I interview Paul Ducklin about the privacy implications of this research.
(9 January 2011, duration 16:58 minutes, size 12.2 MBytes)
You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 79, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.
Update: I got my letter today from BC Hydro, the power utility for British Columbia, Canada. They will be installing my smart meter (like it or not) in the next two or three weeks. You can be sure I will be doing some “testing” to see what it is up to.
I LOVE THESE DISCLOSURES. KEEP IT UP YOU ARE DOING A GREAT JOB <3 XXX
It’s kinda nuts, the things people can do when they put their minds to it. What kind of person thinks about fingerprinting a movie based on the power consumption of the TV image? Does changing your display settings change the power input in any way that would mess up the fingerprinting?
No, I don't think so. With efficient algorithms they'll still be able to find out what you are watching, because changing settings would not change the variations of power, and they'll still be able to find patterns.
In reality, how much computing power would you need to filter out the power consumption of my exact TV setup (PVR, TV, surround-sound receiver, speakers and active sub) from all the other power consumers in the house (lights, boiler, router, computers, wall warts, etc.) then match the "signature" to all the possible TV streams being transmitted live – disregarding the fact that I am more likely to be watching a recording of some kind anyway, either off the PVR or a DVD? What exactly would I have to be watching to make this information useful? The important point here is the security aspect, which seems to have got somewhat lost amid the rather alarmist "snooping" story. So if that was resolved, yes, I would have a "smart meter" and in the meantime, have no problem uploading data from my "Onzo" power monitor to the power company.
I dare say a Fourier transform analysis would easily isolate power fluctuations from watching a plasma (or CRT) TV compared with other long term or random changes such as fridges or lights. It is less likely to work with an LCD screen.
If the results are fed into a suitably designed database it should be possible to identify the TV show, or film (live or recorded) with a reasonable degree of accuracy.
As for who would want to know, I would say that practically any big company marketing department would want to know which TV shows you watch, so that they know when to show TV commercials.
Yeah but I think with the fact that most cable signals are 2 way now anyways, there is no need for big companies to go a step beyond that and monitor your power consumption.
If you have satellite digital cable, or IPTV they know. They know what you watch, and what you record.
I work for an ISP, and I can enter in any customers account, and see in real time what channel is tuned in on each of their digital boxes.
Satellite also reports on what you are watching if your satellite receiver is connected to a phone line, or by network cable to your router. There is nothing sinister about this. TV viewing habits are used by the networks to set advertising prices, and determine if a show is worthy of production, or needs to be canceled. Why do you think so many new shows don't last beyond 4 or 5 episodes now? This is because now they can tell in real time what people are watching, and the shows that don't grab viewers right away are given their pink slips pretty quick these days.
Fairly benign knowing what you’re watching – info for advertisers. More serious knowing when you’re in and when you’re out and knowing that you have a large expensive TV system?
I'm sure it is theoretically possible, and in the days when there were 4 TV channels (in the UK anyway) and most people watched one CRT TV in real time, it might just have been worth doing. But in this context and with the number of channels and sources and the amount of content – as well as multiple TVs and computers in most houses, just a headline-grabber. Too many variables, too much data, not enough ROI.
Billing data, however, needs to be both secure and error-free. The UK is just starting a three-year programme to specify, design and test smart meters and establish the necessary regulation. This is before any rollout begins. I hope they do a thorough job.
I agree that nobody is interested what TV program you watch.
But think about that it is also possible to analyze that someone watched a film at home on his TV which is only available in the cinema right now and not on DVD.
There is also TEMPEST, Google it.
If anybody knows that my husband is watching porn while I’m away I want to know too. I have a right to this information much more than some energy company. Will I be able to demand access to the data?
Your husband is watching porn.
The smart meters in B.C. already have their problems as it is… People are complaining about astronomical bills post-switch over, and not paltry amounts either; some people have gone from about $80/mo. to well over $300 on one billing cycle. Naturally, the usual B.C. Hydro soft soaping is going on about how it can't *possibly* be them and are in fact blaming the consumers to a degree, claiming that they've likely been getting power for which they haven't been charged in the past. Frankly, it's disgusting.
As for some of the comments I've seen regarding how you consume the power you receive, just off the top of my head, I don't think that things like *how* you use the power is going to affect the data; I think they're looking at the RAW information… that is, the initial power going into the home, so things like how you adjust your T.V. brightness or adjust your surround sound just doesn't matter. It's kind of like water; it doesn't matter if the end use of that water is for a shower or if it's for the sprinkler for your lawn, the source is still the same.
Final note to Sindy: So what if your ol' man is watching porn? Let him have his fun. You may even get a side benefit out of it and he'll be happy… unless you don't want him to be happy, in which case you have a problem you might want to look into regarding self image and esteem problems. Just sayin'
I applaud the Discovergy CEO. I wish that more companies would accept the fact that products have bugs. That in the case of the CEO, he took responsibility and thanked those who found fault in the product and blamed no one.
The funny part is that when most people are given the means to stop this they balk.
It is almost as if some are trying to escape from freedom into becoming a data mining commodity subject to energy, water and food slavery, and all that that takes is to do nothing.
For those not yet enslaved, the common law documents which stop forcible involuntary smart metering (face it this device is not about metering) and can end the trampling of rights in its tracks.
What do private corporations use to go after other corporations? Common Law.
What do fools use to try to stop this? Statute Law. A loser's game, since it is corrupt to the core. Meanwhile, common law will protect anyone who uses it.
So USE COMMON LAW, and do NOT nullify its effectiveness by mixing such documents together with PUBLIC or equity or statute law.
Use what works, meaning the correct application of common law refusal, available at the link below, and that way you get to sleep at night – since not one single person of many many thousands of persons in BC who has used this has been metered. This will work for anyone who lifts a finger to defend themselves, at least until we are an open police state, at which point all bets are off.
The documents were prepared by extremely clever people who found the loopholes in what Gordo tried to pull off in BC.
AND? They are free, just follow the directions and print them off from the link at bcfreedom.wordpress.com