
> A power company vehicle drives around the neighbourhood, collecting the values, storing them and moves on.

What the fuck




I am highly in favor of this type of self contained technology. The last thing we need is for the grid to become inadvertently dependent on the cell network, which is, in turn, dependent on the grid. If there’s a multi-day outage that takes out the cell battery backups, the grid needs to be able to start up independently. This is hard enough without accidental networking dependencies.

(I believe that at least some of the blatant inequity in the Texas blackouts was necessary for this type of reason. There were various critical facilities (gas pumping stations, for example) that, if shut down due to rolling blackouts, would have further reduced grid capacity.)


> the grid to become inadvertently dependent on the cell network, which is, in turn, dependent on the grid

The grid wouldn't be dependent on the cell network. Billing would.


A surprising number of modern smart meters contain relays that can be used to wirelessly disconnect customers. I don’t know whether this feature is used for load shedding and/or startup, but it certainly could be.

As an aside, there are distressing reports of meter-associated fires. These seem to come in two categories: installation issues (poor contact between meter and socket) and issues with the relay itself. The former is not specific to smart meters per se, but the latter is. A device that can safely switch 100-320A at 240V is not that cheap and not that small, and I suspect that some smart meter manufacturers try to cut costs.


Can confirm the first part - had the utility turn on a meter remotely, so they can turn it off too.

Also, around here (Portugal) you're billed for the maximum power in your contract - it starts at 3.45 kVA, I think, with 6.9 and 10.35 levels commonly available (at 230 volts, that's 15, 30 or 45 amps). Used to be that a hardware circuit breaker enforced that limit, nowadays it's the meter cutting off supply in case of excess power draw.

(No reports of fires that I've heard of.)


> I don’t know whether this feature is used for load shedding and/or startup, but it certainly could be.

The last two places I lived, it was.

In the more recent one, residential customers who didn't opt in to the smart thermostat, which allows the power company to override your temperature settings in an emergency, could be automatically cut off from the grid in a crisis.

In the older one, a factory I worked for was part of a program where they volunteered to be cut off from the grid remotely in the event of a power emergency. The factory got some kind of discount or rebate for being part of the program.


At least in my area they can. I have an agreement with the power company that they can shut off my A/C for up to, IIRC, 10 minutes at a time with some maximum total time off per day to load shed in times of high load. In return I get a discount on power during the summer months.

Except for the first year where there was a bug that turned it off for an hour at a time, it's never been noticeable.


This is almost certainly not a capability of your meter as such, though the meter might be used to pass data back and forth. Either your thermostat is being controlled (i.e., via changing setpoints) or there's a device somewhere in your HVAC wiring that the utility can communicate with. What is for sure not happening is remote connect/disconnect in the meter used to shed load.


Correct! I didn't think it was worthwhile making the distinction but there's a separate interface that the power company can control that switches the A/C. I think (been a while since I paid attention to it) that it only controls the compressor: the blower is still allowed to run independently.


I worked with a power company in New Zealand that had load shedding like this (although more for water heaters IIRC). They transmitted signals on the power lines themselves at a much higher frequency than the AC delivery. The end devices also needed to support it.


The rumor on the Colonial Pipeline hacks isn't that core infrastructure was affected, it was that the billing system was.

I think most utilities would act in the same way.


That is a widely reported fact rather than a rumor.


Really? A quick google didn’t turn anything up. Source?


Not the most specific look at this question, but the facts are relatively clear.

“The company halted operations because its billing system was compromised, three people briefed on the matter told CNN, and they were concerned they wouldn't be able to figure out how much to bill customers for fuel they received. One person familiar with the response said the billing system is central to the unfettered operation of the pipeline. That is part of the reason getting it back up and running has taken time, this person said. Asked about whether the shutdown was prompted by concerns about payment, the company spokesperson said, "In response to the cybersecurity attack on our system, we proactively took certain systems offline to contain the threat, which temporarily halted all pipeline operations, and affected some of our IT systems." At this time, there is no evidence that the company's operational technology systems were compromised by the attackers, the spokesperson added”

Source: https://edition.cnn.com/2021/05/12/politics/colonial-pipelin...


Cool - I assumed it was true but couldn't find any evidence. Thanks!


If I don't get billed for my power usage then I'm 100% cranking my AC, as will everyone else.


> If I don't get billed for my power usage then I'm 100% cranking my AC, as will everyone else

Sorry, in what relevant scenario does the power company never get paid?

OP pointed out a potential feedback loop between the cell network going down and the grid failing. Are you suggesting everyone will crank up their AC when the network fails because the power company will have some difficulty collecting metering data that day?


If modern smart meters are anything like classic mechanical meters, they have a counter of the total amount of power consumed so far, and the power company bills the difference between the current reading and the previous month's reading. Which means that, once the meter can be read again, you will be billed for all the power consumed in the meantime.


Smart meters still retain the total overall usage. Even if the power company doesn't read it for 3 months, they'll see the increased usage the next time they come by and apply it to your next bill.


Most countries don't have the weird and insane rating plan that Texas did. What I pay for water/gas/electricity doesn't fluctuate 500% from hour to hour.


It's a violation of privacy - it makes it that much easier for people to see how much electricity or water you consume. It isn't necessarily a secret, but it is not so easy to find out when you have to go to a meter directly.


It definitely is enough of a matter of privacy that PGE wouldn’t reveal any details of the previous tenant’s usage patterns when I called concerned about the amount of energy we were using in our new place. If it’s too private to share in that context it shouldn’t be blasted out unencrypted to anyone with an antenna. (Also I realize we’re talking about Texas but I would assume/hope they have the same restrictions on sharing info as PGE.)


It often actually isn't hard for someone to find out even if you have one of the meters that has to be read by eye.

It is quite common for those meters to be placed so that they are visible from a public street or alley, so that meter readers can read them without entering the property.

Here is one electric company that talks about this in their meter reading FAQ [1].

> The numbers on a electric meter are clearly visible from six to ten feet away. And, by noting the position of the dial indicators, an experienced meter reader can accurately read an electric meter from as far away as twenty feet. We also provide binoculars and/or monoculars for readings beyond the range where the dials are not clearly visible.

[1] https://www.snopud.com/home/homefaqs/faqmtrread.ashx?p=1285


How could that possibly be a privacy concern?

A lot more private information is already placed onto the street, in public: the contents of your garbage cans.


Now imagine a technology that scans the contents, listing the type, number, and mass of each item, and broadcasts it so that anyone driving by can instantly read it.

It's not binary accessible v. non-accessible, it's level of effort.


It isn't really. Most commercial meters that use this tech are encrypted. It is possible to obtain the key for your own meter but that's about it.


But using your own argument, your electricity grid is now dependent on the road "network", so not self-contained. Moreover, I can imagine much worse scenarios than what you wrote about the cell tower batteries failing. Just imagine you have a snow storm and now you have to have an electricity company truck drive past people's homes to restart their electricity. At least in the case of drained cell tower battery they only need to drive to one location.


The grid will work just fine without any cell connections.

The connection in home smart meters is used mostly just for consumption data and maybe remote diagnostics. In some cases it's used for load management, but this requires a written contract with the user.

Basically it goes "You let us turn off your AC/Furnace/other high load unit during load peaks and we'll give you a discount on your electric bill."

Just the information on which meters can't be connected to (due to cell networks being down) gives the power company a bunch of data on where the actual fault is located.


It's like the meter man visiting your house, but now they no longer have to enter. Isn't it wonderful? If I lived in the US, I'd immediately try to hack up a small Arduino project to read out my neighbours' energy usage.


I do this with a cheap (~$20) USB RTL-SDR – no Arduino or custom electronics necessary. Of course, I only use it to monitor my own energy usage (electricity and gas) using rtlamr[1] and a script that periodically sends the data to InfluxDB, then displayed using Grafana.

The result is a smart home energy monitor that doesn't require any clamps near the electrical panel, and it exactly matches the usage for which I'll be billed.

[1] https://github.com/bemasher/rtlamr


Crazy how easy that is. I bet within a year we hear about criminals using something like this to know when people leave their house for extended periods.


That repo is over 7 years old. It’s exploitable, but I’m pretty convinced that this info has been out for many years.

https://hackaday.com/2014/02/25/using-sdr-to-read-your-smart...


Can confirm, I was playing with this in my neighborhood years ago. I'm pretty sure it was the gas meters I was seeing.


And then promptly get bored. It's in the same category as running wifi deauth attacks - fun for 5 minutes.


Yep, as much as I love them Hak5 somehow still maintains a "fan base" for this kind of petty "hacking".

Still, hats off to Darren and Shannon!


I think most of the modern gear uses ZigBee’s publicly documented smart energy protocols. It’s encrypted.


I live in a townhouse and our meters are outside next to where we park our cars. I can read my neighbors' energy usage whenever I want.

One uses more electricity than I do and the other less.


I've never had a meter reader enter any house I've lived in, which would be somewhere around 15 different units. All gas/electrical/water meters are on the outside of the house/apartment whether they were smart meters or the traditional ones. Anyone can walk up to them and read them. The digital or analog dial readout is not locked/secured/obscured in any way.


Use SDR networks to do it from afar.

http://www.websdr.org/


Or better still, kill your own meter and have something ping out a reading that's 100 times less expensive.


Different power companies use different smart meter tech, not all of which is easily readable.

SDG&E uses encrypted Zigbee to transmit data. AFAIK, it has not been cracked.


I use a Rainforest https://www.rainforestautomation.com/ device to read my own meter on SDG&E and it works, I think I had to go through an auth process though.


Indeed. I wonder if one could set up a fake transmitter that sends corrupt data (to lower one's own energy bill, hide a marijuana plantation, or to cause issues in a neighbor dispute), or what would happen if one would blanket jam the entire frequency.


Decent chance you become more acquainted with the criminal justice system than you might have preferred.


Related question, is there a law which requires you to send the used electrons back to them, after you're done using them?



> or what would happen

Charges for fraud (in the case of false data) and disruption to electrical service at the state level, and charges for unauthorized radio interference at the federal level.


This is the worst case scenario.


> This is the worst case scenario.

Worst case scenario isn't as far away as you might think. Consider that the FCC is pretty good at winning the cat-and-mouse game against pirate radio broadcasters. And those are people who can change their locations at will.

How long do you think it would take to go from the power company noticing an anomaly to someone walking down the street with equipment to detect the source? A week, maybe? There's money at stake, and these aren't stupid people.


There can't be any power anomaly if you use self-hosted energy like solar panels, so that part's out.


But a realistic one, especially if it became common enough to want to crack down and make examples.


Also not a very hard thing to investigate and track down for someone who is interested. I think a good portion of the readers here can design the equipment to do that.


The power company would notice the discrepancy between the sum of reported energy use of the houses vs the actual energy used in that neighborhood and track it down.


... so you're saying that for every kWh you add to your neighbor, you should remove from another house nearby?


And then when you shut it down and the meters report the real data they’ve been collecting all along, oy.


I wonder if they do any sort of audit of the amount of power used vs billed and, if so, at what scale. How long would it take them to identify the discrepancy? As long as it was pretty small-scale and not trying to hide a huge crypto-mining operation or something I suspect it would be a very long time before anyone figured it out.


That depends on the power company. But it's quite trivial to compare your average consumption with similar users and find the outliers.

That's how people who steal power get caught for example and grow-houses :)

And it's also a useful tool for the consumers themselves to know if they are spending more/less/equal amounts of electricity as people with similar profiles.
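

Added example, not part of the thread or any commenter's post: the two utility-side checks described in the comments above (reconciling the sum of reported meter readings against a feeder-level measurement, and comparing each meter with similar users), sketched in Python. The meter names, readings, loss fraction and thresholds are constructed assumptions.

```python
from statistics import median

# Constructed sample data: kWh reported per billing period by each meter on
# one feeder, and the energy measured at the feeder itself.
REPORTED_KWH = {
    "meter-01": 612.0,
    "meter-02": 580.0,
    "meter-03": 655.0,
    "meter-04": 47.0,    # constructed meter reporting far less than its peers
    "meter-05": 598.0,
    "meter-06": 630.0,
}
FEEDER_KWH = 3710.0             # constructed feeder-level measurement
EXPECTED_LOSS_FRACTION = 0.03   # assumed technical (line/transformer) loss


def feeder_discrepancy(reported, feeder_kwh, loss_fraction):
    """Energy delivered past expected losses minus the sum of meter reports."""
    delivered = feeder_kwh * (1.0 - loss_fraction)
    return delivered - sum(reported.values())


def peer_outliers(reported, threshold=3.5):
    """Flag meters whose modified z-score (median/MAD based) exceeds threshold.

    Median and MAD are used instead of mean and standard deviation so that
    one extreme meter cannot hide itself by dragging the baseline.
    """
    values = list(reported.values())
    med = median(values)
    mad = median(abs(v - med) for v in values)
    if mad == 0:
        return {}  # all peers identical: nothing to rank against
    flagged = {}
    for meter, value in reported.items():
        score = 0.6745 * (value - med) / mad
        if abs(score) > threshold:
            flagged[meter] = round(score, 2)
    return flagged


def reconcile(reported, feeder_kwh, loss_fraction, tolerance_fraction=0.02):
    """Run both checks and return a small report for one feeder."""
    gap = feeder_discrepancy(reported, feeder_kwh, loss_fraction)
    return {
        "unaccounted_kwh": round(gap, 1),
        # Flag the feeder when unexplained energy exceeds the tolerance.
        "feeder_flagged": abs(gap) > tolerance_fraction * feeder_kwh,
        # The peer check narrows the feeder-level gap down to specific meters.
        "meter_outliers": peer_outliers(reported),
    }


if __name__ == "__main__":
    print(reconcile(REPORTED_KWH, FEEDER_KWH, EXPECTED_LOSS_FRACTION))
```

The feeder check says only that energy is unaccounted for somewhere on the feeder; the peer comparison is what points at an individual meter for follow-up.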


This is no different from tampering with your utility meter before they were smart, though?


Speaking of, is this not readily possible? What prevents people from doing this?


The older meters had serial-numbered lockout tags that would break if you attempted to remove them, that prevented access to the mechanicals of the meter under the glass. I imagine that the gearing in the meter had some mechanism to prevent a simple 'rewind' attack.

I also imagine (Hope?) that the power company would measure @ the pole level at some key points to make sure everything added up, and they have lots of data to help spot discrepancies.


> I imagine that the gearing in the meter had some mechanism to prevent a simple 'rewind' attack.

Big Clive details one of the attacks on older (UK) meters here: https://www.youtube.com/watch?v=gFtB0C0rBaM

It was possible to run them backwards. He mentions possible evidence this would leave behind, and notes (taken from the description):

> Latterly devices to detect this activity were added to meters in the form of non-resettable flags that would move out if the meter ran in the wrong direction, or in the case of digital meters a tamper indicator.


Rumor has it back in the day, a relatively strong, well placed magnet would certainly slow the rotation of the metering dial...


...though once this kind of attack became common, the utility meter manufacturers started adding anti-tamper features like hall effect sensors that record the presence of an unusually strong magnetic field near the meter equipment. You'd get some questions next time the meter reader came around and the tamper indicator was lit.

Utilities have a lot of financial incentive to keep people from (at least blatantly) manipulating their billing.


I wonder if you could screw with someone you don’t like by putting a big fat magnet on their meter.

Ofc with the new prevalence of home cameras, that would be risky now.


We used to have meter readers running (literally) from house to house jotting down the numbers.


Yes but that’s one data point at one singular moment in time being collected by one person. Smart meters continually broadcast a constant stream of data to anyone who cares to listen.


Ha, interesting, if there really are no security mitigations, I can wardrive 2 days in a row and figure out which houses have very low power consumption, and deduce from that they are empty and I can go rob them. Ha, maybe even figure out if some power consumption means they have security devices, or just a fridge and a cooler.

And to make it worth my while I can just war-drive around the swanky areas of the city.


Or, look for high usage and rob people for their crypto-mining rigs or pot farms! /s


Might need to do some math for the pot farms. LEDs don’t use that much electricity. Can set up a pretty big operation with 1-2kw.

But the draw will be very consistent.


lol - I don't grow (obviously) but I know people who do (legally). They don't use LEDs, but I did use LED lights to grow some indoor veggies. From what I read (again I'm no expert) the low end LED stuff just doesn't cut it. Maybe there's a high-end LED market I'm unaware of?

If you could design an algorithm for your wardriver gear, you might be able to detect when growers switch from 18/4 to 12/12 hour light cycles.


From my understanding, commercial grows all use LEDs. You can roll your own and buy 50w+ LED modules, old CPU coolers and constant current inverters to get as high-end as you want.

A lot of the all-in-one “grow lights” aren’t well evaluated, but I’m sure some out there get the job done.


Or you can just war-drive around collecting the high-energy infra-violet emissions that escape through the walls at night, finding out which houses are not occupied! OMG!

Also, please excuse my pedantry, but it is impossible to rob an unoccupied dwelling.


/me just now realizing that everything Bilbo did as a "burglar" was actually robbery.


The range is pretty limited, and there's generally nothing to stop me from either walking up to your house and reading your meter directly or from getting a pair of binoculars and doing so from your property line.

The data was always "out in public" anyways.


How is this? I’ve never seen meters installed in the open with the display readable. Here in the Netherlands they are usually behind two doors. The front door and the door to the cabinet with all the meters and utility connections.


They’re just mounted on the side of the house like this[1] in the US at least. Power and natural gas, at least. Not sure if I’ve seen water.

[1] https://images.app.goo.gl/H4abfrAyw85FSogq6


Frequently attached to the incoming water line, usually under a metal cover between the water main under the street and the house.


If I had to guess, it's likely a response to an [unauthenticated] inquiry. If so it's probably not quite the same but effectively similar.


Depends on the meters. My electric utility just replaced their old (circa 1999) smart meters which were one way broadcast with a new smart meter that's supposed to be two way capable. I didn't notice a lot of change at their data collection base station (which happens to be at the corner of my driveway), so I don't know if they already had a transmitter in addition to a receiver, or if it's small enough to fit in the existing equipment box or if they're using a different station.


The meters used in my area can be wirelessly shut down by any nearby power technician.

They have vans with very visible PVC pipes mounted on the roof to interact with the meters.


> They have vans with very visible PVC pipes mounted on the roof to interact with the meters

That's more likely a fiberglass antenna.


Not all smart meters work the same way.


Still have these folks here in Palo Alto.


Almost surely much cheaper short term than having a team of engineers and installers to fix the problem.


I suppose most of this infra was designed before cell towers were prominent enough.


Well, looks like smart meters started appearing in US slightly later than e.g. here in Finland, around 2006-2007, so I'm not sure that explains the difference. Could be explained by lower mobile network coverage in U.S., I guess.

US statistic: https://www.statista.com/statistics/676472/number-of-smart-m...

In 2005 in Finland about 7% of households had smart meters, with 80%+ coverage mandated by 2013 and actual coverage of 99.6% of under-63A meters in 2016 (Finnish sources: https://www.vttresearch.com/sites/default/files/julkaisut/mu... https://tem.fi/documents/1410877/3481825/AMR+2.0+loppuraport...).


What’s special about 63A meters? That’s low, but I guess nobody has electric heat/AC. I guess they’re the ones that can be installed indoors?


3x 63A is the reasonable maximum a normal consumer would want at their house. Normal houses are around 3x 32A.

Everything over that is a commercial building and they get billed with different rules and measurements due to the equipment they tend to have. Something about three phase engines and power phases in commercial lighting. I zoned out during those meetings :D


Finland has 230V, so if you're from the US with 110V the low current rating might be confusing ;-) I'd also guess that in Finland they also run three phases into each house/unit (we do in Germany), meaning that's 3*63A = 189A. (Or just shy of 400A on a 110V grid). For us that's the default grid connection you get for your house.

As for your guess: That's just a cultural thing I suppose. I've never seen outdoor meters around here.


The US is 240 volt for power purposes. The 120 volt thing is just dividing that in half - the meters don't measure that. These days most US houses get 200 amp service, but in the past 30, 60, and 100 were all common (100 is still done). I know of a few houses with more than that, but those are not normal.


If you’re adding together the phases like that, European houses are 400V instead of 230V (and yeah you can get 400V ovens etc)


3 phase is different from US split phase. In the US that would be 404 volts (or about that, I don't work with it just know it exists) or 208 volt if you take the split phase in 3 phase.

Anyway the point is 3 phase is not added in the same way as split phase. I think you know that, but I'm sure someone else doesn't.


Naw, Canadian. Cool to have 3ph at home (even without the #1 thing that fails here because we don’t have 3ph: a/c (capacitors)), but why’s your industrial supply just 400V instead of a soup of 347V, 480V and 600V?


Cellular being backdoored by design might have something to do with it too. Although I think it really is just a $$$ question; cellular providers didn't want utilities competing with handsets for service, so utilities built their own.


During the time these meters were built Americans still paid to receive calls and SMS messages.


I'm not sure what the source of your astonishment is. Water, gas, and power companies have been doing this for at least a decade.

It's a good solution for a nation with a low population density. In higher density locations, meter readers and cellular connections are used.



