iTWire - Victoria's (not so) smart electricity meters

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Victoria's (not so) smart electricity meters

Victoria's (not so) smart electricity meters

E-mail

by David Heath
Wednesday, 29 July 2009
Page 1 of 2 Contracts have been signed to roll out 'smart' electricity meters to most Victorian households. It's amusing that there is a Black Hat demonstration of how to hack them this week. Featured Whitepaper 5 Best Practices for Smartphone Support A number of recent announcements have revealed the decisions to roll smart metering solutions to a large majority of Victorian household customers. As is so typical with rapid design, development and roll-out of new technologies, scant regard is paid to security of the devices. This has happened time and time again – the original GSM security /encryption being a shining example – developed in obscurity, it was rapidly shown to be completely 'broken.' Roll on the latest (pending) disaster. At this week's Black Hat conference in Las Vegas, Mike Davis of IOActive will present the result of his team's efforts to defeat the Smart Meters. The results are not pretty. Quoting from the presentation abstract , "Mike Davis and a team of IOActive researchers were able to identify multiple programming errors on a series of Smart Meter platforms ranging from the inappropriate use of banned functions to protocol implementation issues. The team was able to "weaponize" these attack vectors, and create an in-flash rootkit, which allowed them to assume full system control of all exposed Smart Meter capabilities, including remote power on, power off, usage reporting, and communication configurations. "In this presentation, Davis will discuss the broad, yet almost ubiquitous exploits and basic design flaws in today's Smart Meter and Advanced Metering Infrastructure (AMI) technology. Typical attacker techniques such as buffer overflows, persistent and non-persistent root kits, and even self-propagating malicious software will be illustrated. Davis will even demonstrate a proof-of-concept worm attack and the general reverse engineering techniques used to achieve code execution. To show all is not hopeless, he will also cover the incident response impacts of possible worm attack scenario. Finally, building upon the analysis of the worm-able attack surface as well his hardware and software penetration testing research, Davis will suggest inherent design fixes that AMI vendors can implement to greatly mitigate these broad exploits." The implementation consultants are dealing with this, right? Umm…. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Heathrow Airport Terminal 5 Live with Progress Software

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

...Promote your press-releases here

Latest jobs

Business Analyst (M15)
VBA Access Excel Developer - CBD - Banking - Employer of Choice (S16)
Vignette Developers / Analyst Programmers - CBD - Finance (S16)
Senior Network Engineer (S24)
Systems Engineer - Java/Weblogic
Senior Systems/Business Analyst
Project Manager
Designers - Data Networks
Web Developer
IT Technical Support Manager

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking