Some smart electricity meters are stupid about privacy
Computerworld - Researchers at the University of South Carolina have discovered that some types of electricity meters broadcast unencrypted information that eavesdroppers with the right software could use to determine whether you're at home or not.
The automatic meter reading devices are installed in about one-third of U.S. homes and businesses. They make it possible for utility employees to get accurate meter readings by simply walking by a building with a handheld device, instead of physically accessing the premises and recording readings manually.
But at least one type of meter sends out a signal every 30 seconds regardless of whether a meter reader requested it, and that creates privacy risks.
Wenyuan Xu, an assistant professor at the University of South Carolina, said her team was able to capture data from electricity meters at a distance of up to 300 meters (about 984 feet). The data was in plain text and included the meter ID number; the name and address of the building's owner were not included, but it was possible to figure out that information.
Xu said she was able to pull data from target meters once every two to 10 minutes. With such frequent readings, it's possible to calculate the rate of power consumption in a house and determine whether someone's at home or not.
A new generation of meters is supposed to include encryption. But it's unclear whether the meters already installed will be replaced and, if so, when that might happen.
This version of this story was originally published in Computerworld's print edition. It was adapted from an article that appeared earlier on Computerworld.com.
Read more about Mobile/Wireless in Computerworld's Mobile/Wireless Topic Center.
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Improve Your Mobile Application Security with IBM Worklight IBM® Worklight helps organizations extend their business across multiple mobile devices. It provides an open, comprehensive and advanced mobile application platform to help...
- Top 3 Iron-Clad Reasons Why File Sync/Share is Not Endpoint Backup Employees unknowingly create corporate data security risks by adopting these easy-to-use, personal applications. Read this executive brief to learn more.
- Security Technologies for Mobile and BYOD With so many security technologies available, how do you sort through the options and pick the solutions that will really work for your...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Mobile Security White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!