Digital locks aside, this is more applicable to any lock you buy and rely on (substitute US with your local region):
> lack of availability in the US
I wouldn't go out of my way to find something like Schlage here, when Abloy (Assa Abloy) locks are available in abundance with locksmiths able to duplicate usually all the key variants.
No, there was a vending machine smart lock that if you hitachi'd it right it'd unlock.
And, I phrased it wrong: most people expect to be able to walk into lowes and clone a key. And while it seems assa has been on a buying spree since I last looked at them, I do not associate them with anything you'd be able to find at big box store. When I think assa abloy I think "you better have the key card or you're SOL."
As a European, most of the products mentioned in the linked article and this discussion are from brands I've never associated with Assa Abloy in the first place.
They're still technically Avago Technologies, just wearing the name of Broadcom after the acquisition in 2015-2016. Not sure if there's much of Broadcom left, beyond the name and what IP they had at the time which was not sold off, like they did with the IoT related IPs.
I'd be really curious on how hard programmatic access to your own, personal banking data might be in the PSD2-era.
I can link my secondary bank account to my main bank's app so I can see the balance in one place, but the catch is that I need to refresh this authorization through the app every 90 days.
Ideally, you'd just use your banking credentials to authorise the API access and pull data through that. What this requires in practice, I have no idea but it probably involves a bit of bureaucracy.
Some modern banks (Monzo, Starling, etc) give the account holder (read-only) access to their API.
If you can't, you can try use one of the open banking providers such as TrueLayer, Plaid, Nordigen (seems to be acquired by GoCardless: https://gocardless.com/bank-account-data/), etc. Most have a free/dev tier that nevertheless allows connections to real accounts and might be enough for personal use.
Finally, screen-scraping is potentially an option. One of the few benefits of shifting everything to SPAs is that you generally have clean JSON APIs under the hood that are easier to interface with than "conventional" screen-scraping involving parsing HTML.
Ran into this annoyance recently setting up new accounting software, that the access my bank provides is last 6 months only, so I still had to go and export a csv, rejigger the column names and date format, to reimport the first 8 months of 2024.
My thought for working around tracking new transactions without a third party is to just set up email alerts so I get a notification on every charge, deposit etc and set up some cron job to read new emails and update my books.
I opted for Ikea glass containers partly for wanting to avoid plastics (except the lids) and partly to not have to deal with tomato sauces staining the pristine white plastic containers after a single use
Micro/nanoplastics are a secondary consideration overall, primary was just to reduce my usage of plastics a bit, even how infinitesimal it really is. I only realized how much plastic packaging I go through once I moved to an apartment with plastic "recycling", I still separate out most plastics but not everything.
I personally am not really swayed towards ditching whatever plastics I still have, given how ubiquitous it is and I am already happy with my Ikea glassware.
> In the video it appears that Peter was using the Flipper Zero to wireless turn the power meter on and off, which also controlled the power to a large AC unit. Eventually switching the meter on and off while under a heavy load resulted in the meter self destructing and releasing the magic smoke.
Calling out Flipper Zero for someone (ab)using the meter's remote control features cuts me the wrong way: you could've done the same with any other SDR, not just the Flipper Zero.
It's not even a surprise this happened, the cut-off is not meant to be operated constantly to cut heavy loads. Similarly you should not use a breaker to turn off heavy (or any, for that matter) loads as you're needlessly wearing down the protective device, instead of a separate cut-off switch that's designed to be replaceable. Especially since it can be positioned downstream from the protective device.
It all boils down to which part of the circuit you can easily repair in case of a fault, in this case the meter is by far the least accessible.
Why would a power meter allow an unauthenticated client to turn the thing on and off wireless?!? Sure, if you flip a switch handling a large current often enough, something will break (and I am impressed it's not the AC in this case).
But why does the power meter accept commands from something 'outside', something untrusted?
I mean why are power lines not locked up and buried underground secured locked steel cages?
Because some things work better with trust vs convoluted security.
I think this is something a lot of computer nerds don't get (myself included at one point). It's almost like if something can be accessed we are allowed to access it and it's the fault of the person securing it. But a lot of our society works on trust and I think we'd live in a much more difficult world if everything had to be secure enough to resist any attack.
If this thing was connected to the internet I get it, but you already need physical access to the meter, why add another layer of security on top of that? If someone wants to mess up your power and they have physical access there's plenty of ways they can do it without wireless communication.
I would just add a simple layer of device-id based password generation function which is hard to reverse engineer. The devices used by authorized people would auto-generate it and will be transparent to them, yet it'll prevent many people from getting in. Add a rate-limiter on top of it, and it's impractical to brute force it.
If Philips can secure its SoniCare brush heads this way to prevent tampering and counterfeiting, a utility company or meter producer which enables a much more important infrastructure can be a little more mindful about what they are doing.
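The scheme proposed in the comment above (a credential derived from the device ID, plus a rate limiter), sketched as an added example that is not part of the original thread and not any real meter's protocol. It swaps the "hard to reverse engineer" function for HMAC-SHA256 under a utility-held key and adds a single-use nonce against replay; `MASTER_KEY`, the device ID, the command names and the thresholds are all assumptions.

```python
import hashlib
import hmac
import os
import time

MASTER_KEY = bytes(32)   # constructed placeholder; a real key stays with the utility
MAX_FAILURES = 5         # assumed threshold
LOCKOUT_SECONDS = 300    # assumed lockout window


def derive_device_key(master_key: bytes, device_id: str) -> bytes:
    """Per-device secret: a key extracted from one meter does not unlock another."""
    return hmac.new(master_key, b"meter-auth-v1|" + device_id.encode(),
                    hashlib.sha256).digest()


def sign_command(device_key: bytes, nonce: bytes, command: str) -> bytes:
    """Tag binds the command to one fresh nonce, so a captured frame is useless later."""
    return hmac.new(device_key, nonce + b"|" + command.encode(),
                    hashlib.sha256).digest()


class Meter:
    """Meter side: stores only its own derived key, never the master key."""

    def __init__(self, device_id, device_key, clock=time.monotonic):
        self.device_id, self._key, self._clock = device_id, device_key, clock
        self._nonce = None
        self._failures = 0
        self._locked_until = 0.0
        self.relay_closed = True

    def challenge(self):
        # The ID and a fresh nonce are handed out without authentication.
        self._nonce = os.urandom(16)
        return self.device_id, self._nonce

    def execute(self, command: str, tag: bytes) -> str:
        now = self._clock()
        if now < self._locked_until:
            return "locked"
        nonce, self._nonce = self._nonce, None      # every nonce is single-use
        if nonce is None:
            return "no-challenge"
        expected = sign_command(self._key, nonce, command)
        if not hmac.compare_digest(expected, tag):  # constant-time comparison
            self._failures += 1
            if self._failures >= MAX_FAILURES:      # rate limiter
                self._locked_until = now + LOCKOUT_SECONDS
                self._failures = 0
            return "denied"
        self._failures = 0
        if command not in ("connect", "disconnect"):
            return "unknown-command"
        self.relay_closed = (command == "connect")
        return "ok"


def demo():
    """Constructed session: authorized handheld, replayed frame, guessing, lockout."""
    now = [0.0]                                     # fake clock for a deterministic run
    key = derive_device_key(MASTER_KEY, "METER-0001")
    meter = Meter("METER-0001", key, clock=lambda: now[0])
    results = []
    dev_id, nonce = meter.challenge()
    tag = sign_command(derive_device_key(MASTER_KEY, dev_id), nonce, "disconnect")
    results.append(meter.execute("disconnect", tag))      # authorized handheld
    meter.challenge()
    results.append(meter.execute("disconnect", tag))      # replayed frame, new nonce
    for _ in range(MAX_FAILURES - 1):
        meter.challenge()
        results.append(meter.execute("connect", os.urandom(32)))  # random guesses
    meter.challenge()
    results.append(meter.execute("connect", os.urandom(32)))      # now locked out
    now[0] += LOCKOUT_SECONDS
    _, nonce = meter.challenge()
    results.append(meter.execute("connect", sign_command(key, nonce, "connect")))
    return results, meter.relay_closed


if __name__ == "__main__":
    print(demo())
```

The lockout also blocks the authorized handheld for its duration, so the window length is a trade-off against availability.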
Definitely agree with you here. The parent has a very valid point about not always over-securing things that don't need to be secured, but physical line cutting and wireless shutoff are very different threats.
Someone walking around your neighborhood cutting every single electric line on the side of a house, risking electric shock and trespassing on your private land is much more likely to get caught than somebody rolling through your neighborhood with a flipper zero and a high power antenna turning off all of your meters.
If someone had a grudge against you, and they started to "release the magic smoke" from your meter once a week and the power company is upset with you and your HVAC system doesn't work anymore, in addition to the fact that the compressor in your AC is toast because of someone energizing and de-energizing the circuit so rapidly. Now you are out thousands of dollars and, on top of all that, no matter how many cameras you put up, you'll have a hard time figuring out who's doing it.
Which is exactly how you end up with more etrash when a company goes out of business.
Also, you've just made replacement/repair/support far more complicated and dangerous for everyone than it need be. You must be 10% smarter than any piece of equipment you are operating to safely use it, and be "ahead of the machine".
I truly believe we have suffered greatly as a civilization for our willingness to lose sight of that, and to have allowed the siren call of "abstraction" to charm us into making things so absurdly complicated that short of neverending population growth to bring into existence more people to solve all the new problems people have created, one is hard pressed to even read everything necessary to understand why most things are the way they are.
When done with proper contracting and documentation, losing a company is not a problem, because either you put the spec and the algorithm on the table, and people implement it to get certified, or you get the technical docs to use when/if the company goes out of business.
Practically, it doesn’t do anything more complicated. Device provides you an ID without a password, but accepts everything else with a password. In many countries, if not all, infrastructure equipment is already protected property. Nobody except the utility company touches, repairs, reconfigures that meter, anyway.
Overcomplicating stuff is indeed a problem, and it’s a combination of poor engineering plus monetary greed in most cases. Also it’s a side effect of evolution of technology. I would love to discuss it to death, but this is not the place and I don’t have much time for it either.
Yeah, a lot of this infrastructure was built on a trust-based society so we're having to slowly learn that isn't possible in our current culture and population size. It's sad.
Because security is not a priority for the industry. Most have no security, default authentication in the rare case that they have it, and they use protocols with no support for it. The field is decades behind in security practices (it's pretty much IoT) and won't improve unless forced to.
It's also difficult to update such devices in the field so even if they do fix such issues it's only for new units or a new product line which most customers won't bother with until forced to by regulations / incidents as it's expensive to replace them (you have to send someone out on the field as there are pretty much no OTA updates).
The field is decades behind best practice because these systems have multi-decade operational lives.
There's an absolute chasm between implementation intervals that can be achieved through pure software systems and those with distributed hardware components. Throw in a few layers of abstraction where those designing, purchasing, installing, operating, and maintaining those components are all unrelated parties with different (and potentially conflicting) motives and any sort of cohesive systems engineering is hard.
This doesn't excuse continued irresponsibilities in product security, because they absolutely exist, but "impressively fragile yet surprisingly functional" is a completely logical Nash equilibrium to settle on given the surrounding non-technical components.
> The field is decades behind best practice because these systems have multi-decade operational lives.
This would be more convincing if not for the fact that smart meters are IIoT. They're a new thing. IIoT is kind of an unholy breed between those hardcore industrial engineers you talk about, designing hardware with multi-decade operational lives, and the people implementing the IoT part using webdev practices, trying to put Docker containers full of NPM modules onto the industrial devices (and if they can't fit there, then plugging them immediately upstream).
Now that latter group is (mis)using bleeding edge tools to develop greenfield solutions - and thus should very much be able to keep up with basic security practices developed in the last 20 years.
But we are not talking about them using too weak RSA keys from 2 decades ago, or even not about transmitting passwords unencrypted, so anyone with a right radio could glean that.
We are talking about a complete lack of any access control. Like two wires instead of an ignition lock. An electric box with a mechanical meter and switches would at least have a padlock on it.
Neither is long term functioning of the electric grid if you read the IEEE. Go read the IEEE journal where every few years someone writes an article warning that the electric grid will fail catastrophically when an 1859 level solar flare occurs that we can prevent with a relatively straightforward fix.
Technical debt exists in disciplines other than software development.
> Why would a power meter allow an unauthenticated client to turn the thing on and off wireless?!? Sure, if you flip a switch handling a large current often enough, something will break (and I am impressed it's not the AC in this case).
I would guess until recently power meters just had no reason to be secured. We live in a multi unit building (I would guess around 120 of them). There is a shared key that goes to the central electricity room where the meters for all units are. I could turn off anyone's electricity by either unscrewing the main fuses there or by switching the breaker. People are a lot more trustworthy in practice than you would think.
Most people abstain from committing crime not because they will go to jail, but because pointlessly harming another human being is stupid, a waste of time and effort, pointless, and only makes the world worse.
The security of billions and billions of devices (e.g. industrial control systems, PLCs,[0] SCADA,[1] ERTs,[2] etc.) that are responsible for controlling and monitoring virtually every aspect of modern life (e.g. power grid, water purification, natural gas transmission, oil and gas extraction, vehicle traffic control, rail signalling, pharmaceutical manufacturing, etc.) is appalling.
The manufacturers and integrators of these devices are just now beginning to realize that the internet exists and that their devices aren't always connected to perfectly isolated RS-485[2] networks or connected to a network at all. They commonly contain hard coded passwords, passwords with staggeringly limited length and complexity, plain text authentication, default passwords, and other backdoors. Working with such devices is like taking a Delorean back to the early 90s, the eighties, or even earlier... it's the wild west.
It pleases me beyond words that hacking contests like Pwn2Own[4] have begun to include these systems in their competitions. This is a massively important area of security research that has historically been ignored.
The security of these systems is indeed terrible. From my experience, operators often justify it by saying that they are not connected to the internet, while at the same time assuring you that they can easily handle emergencies through remote access from their personal laptop :/
However, what scares me when looking at open vulnerability research taking off in this space, is that these components have a much longer lifetime than regular IT, and are harder to update, not to mention that outages due to bad updates will almost always directly impact production. So it does seem to me that while increase in awareness is a good thing, the vulnerabilities found in Pwn2Own and similar might be used more easily by attackers than defenders.
That said, I don't have a better solution either.
We don't know whether the meter accepts every command, or the device has a fixed security protocol reverse engineered and known by researchers.
These protocols exist to get current readings from meters for data retrieval ease, and generally have a combination of security through obscurity and simple authentication to enable mass readings (by authorized people) easier. IIRC, these things can talk P2P in densely populated areas, and you can get all meters' readings in mere minutes, tops.
In any way, after an initial PoC, the rest of the video gets into territory of equipment abuse, and I got angry and sad while watching it. You can do it, OK, then why damage things which are not yours? Document your findings and leave.
That also made me angry to watch. He knew what he was doing and got the result he was hoping for. I hope his electric company is aware of what happened. The serial number and electric company name are both clearly visible in the video.
In my area of jurisdiction certain public places like bars and restaurants are required to have an externally accessible way for fire teams to cut power in the event of e.g a flood or a fire that would require soaking the place.
These are usually placed above the main door, and are made of a lever ending in a loop in which you hook a spear and pull down.
Neighbours unhappy with such places making noise would regularly pull them, cutting power, destroying wares that are in fridges, and whatnot.
The typical (and only, really) defense is to make the lever inoperable so you can frequently see them destroyed.
Having open remote RF access in these cases would be a disaster (until tinfoil is used as a defense)
> Because you're a terrorist or an AI looking to destroy mankind?
I didn't know we reached Ghost in the Shell level cybernetics, sorry. TIL.
> You're drifting off into is/ought territory in why people do things and that is something that is very difficult to predict and control.
No, I'm just asking a question. What he has done has no place in my ethics and morals. I don't tell anyone what to do, either. It's his life, he should deal with the consequences.
I don't disagree, this is why we typically have laws against destruction of property.
Conversely we have an increasingly globally connected world that is wholly dependant on software to keep functioning day to day. If someone figures out how to modulate your wireless router (I mean, long shot, yea) to smoke your neighbors power connection the 'ethics and morals' of said remote attackers is nearly meaningless. Especially in the case they live in a foreign country. Said attackers will be able to harass you with impunity while your power company is walking around with its thumb in its ass trying to figure out what's going wrong.
An untrusted finger can just switch the main breaker or an untrusted hammer can just smash the meter. There’s far easier ways to be destructive if you have physical access to the meter, which by default everyone is going to have because meters are required to be accessible by the public per electrical/fire/building codes.
A camera can easily catch someone with a hammer, it's kind of much harder to go one by one to destroy them that way and it's also probably much more dangerous to try to break something connected to the power lines like that.
This on the other hand is quick, can be done away from the meter, away from cameras, and can reach many meters at the same time. Considering the few terrorist acts that have been done to electricity distribution points, it does seem like a good way for them to make a big impact easily, with the right antenna and amplifier.. you could do quite a bit of damage.
> you could've done the same with any other SDR, not just the Flipper Zero.
The specialness of the flipper zero is not that it can do more than any other SDR. The specialness is how easy it is to use. The question is what you can do in that 'easy mode'.
That, in the easy mode, you can do this kind of realistic and meaningful damage is noteworthy. Because this potential is brought to the masses. It probably won't be the start of widespread SDR-based cyber-crime, but that brings it one step closer. That is why I consider this noteworthy news about the flipper zero specifically.
Since the advent of cheap SDRs and TI CC1100 devkits it's been a case of "grab code off Github and go do shenanigans". The only specialness here is that it's battery powered, but even previously you could have been running a laptop and HackRF in your backpack.
For a Linux user, you can already build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem. From Windows or Mac, this FTP account could be accessed through built-in software.
It's the top comment from Dropbox's announcement thread on HN, 15 or so years ago. It has become meta-commentary both about HN's cynicism, and that you don't need to do something novel to create a new product category, it's enough if you just make it a lot more convenient than anything before.
The flipper zero doesn't require anything near as scary to a layman as downloading code off GitHub, and then trying to run it based off a readme.md that was poorly written and aimed at people who know how to code. People who don't realize that a # instead of a $ in the prompt means you need root, who have no idea what a shebang on a script is, etc. For them 'just run some code off GitHub' will be a hell of how does bash/sudo/apt/pip/make/chmod work?
The flipper zero has a screen and buttons, and a defined way to upload new 'attacks' on to it, as well as a simple way to run those. To normal people that lowers the barrier sooo much.
This reads like the infamous Dropbox comment, with the Flipper Zero you don't even need to grab code off GitHub, you just have to open a menu and press some buttons.
That said, it’s also important to demand device makers build better protections into their software (like rate limiting) in the same way they do for the hardware. Otherwise it leaves the door open for legislature trying to ban screwdrivers (tools)
I'm not arguing the flipper shouldn't exist. This kind of potential ruin will be required to get manufacturers to wake up to the risk of bad radio security.
I was arguing that this real-life example of impact is actually important for showing the impact of bad radio security, by putting dangerous tools in the hands of the masses.
For any remotely-controllable power meter, its contactor switch should have been designed to sync with the zero crossings of the AC waveform. That would have completely prevented this damage.
I know it would have made the meter more expensive, but it was absolutely foreseeable that a wild RF signal could have induced repeated contactor reclosings. They should have built it properly.
I got the vibe they were treating it as a cool hacker tool not calling out the Flipper Zero. But I don't know what any of this is really. I'm just some guy!
At the same time, I'm in awe and in horror of seeing those high current, high voltage disconnects being opened only to end up with a few meter high arc of current jumping through the air between contacts.
I was taught the procedure of disconnecting a 10/20kV disconnect for an on-site transformer (alas, only an old one that had been decommissioned) and that thing scared the crap out of me when I first heard the spring loaded high voltage disconnect actuate.
Having a 3 meter fibreglass pole to actuate the thing, just in case, tells you there is a real risk of the thing blowing up in your face, on a good day.
Another note for nordic layouts and Linux: tilde (~) is considered to be a "dead key" on most nordic layouts, meaning you may need to follow AltGr + ~ with a space before typing out the dot. Otherwise you might get weird looks from the terminal trying to figure what you meant with the tilde-dot.
Incidentally, while testing on Windows (in both WSL and cmd.exe) with a Finnish layout: you do not need a space after typing out the tilde.
For this reason you can change the tilde with `EscapeChar` configuration in your `~/.ssh/config` (or `-e` option, but I bet you want it to be permanent).
As a former user of ISO layout keyboards, IMHO a great quality of life improvement is to switch to ANSI.
A US ANSI keyboard has all programming symbols in the right place. Yet it makes Latin/Nordic and other symbols easy to type via compose key (e.g. Right Alt), or similar.
For example, Compose a + ' = á, a + e = æ, o + / = ø, s + s = ß, s + o = §, etc.
An annoying issue is that most brands won't sell ANSI keyboards abroad. Apple is one of the few that get this right. A trick is to import from countries where ANSI is the default, such as NL.
I use the french azerty layout (fr-pc) on macOS (equivalent fr-latin9 on linux). It is an ISO keyboard, I am able to do all of the examples you wrote, and more: option b is ß, ã is option ~ and a, "é" is its own key, so is "à" or "ç".
I am able to write 120 words per minute, not so special, but good enough for me. I find the ansi/qwerty too slow with its compose system (I tried on the canadian-intl layout made for Québec).
What are you in that your local ISO layout has these issues? The Irish layouts on X and Windows don't have this issue and make typing just about any diacritic easy, though I go a bit further and use the UnicodeExpert variant. MacOS, OTOH, has issues unless I switch to an ANSI layout.
Maybe I'm misunderstanding, but it's not an issue on a Mac. The Option + ^ will produce a ~ with no need for a space. I don't recall it ever being an issue for me on Linux either, so I wonder if there's a difference between a Nordic and a purely Danish keyboard.
Personally I always found that ^] for various terminal commands was much more of a hassle, to the point where it's easier to just close the terminal window.
Some Danes will just use a US keyboard layout, but that's not really as common as sites like HN will have you believe. In terms of programming it does make a little sense though. The 8 and 9 key is doing a lot of heavy lifting, Shift + 8 is (, Option + 8 is [ and Shift + Option + 8 is { and the matching close characters on 9.
There's not a lot of room for special characters on a Nordic keyboard, almost all of them require a modifier key. I don't know if that makes Nordic keyboard users more averse to the use of these characters in commands and programming languages.
“Personally I always found that ^] for various terminal commands was much more of a hassle (…)”
Yeah, tell me ’bout it. Back when I used Windows at work, a friend told me that instead of Ctrl ] one should press Ctrl ¨ – because on a regular Swedish keyboard, ¨ is on the same location that has ] on a US keyboard. (Not sure if this works with Linux/Mac, never tried there.)
Yes, programming with a nordic keyboard is slightly inconvenient because ~, {, }, [, ], and | all require AltGr. (Isn't that the same for German keyboard?)
I had to switch over 25 years ago when moving. I just considered it a minor inconvenience. I don't think my programming output really suffers, there are so many other factors. Some (very few) people (native or foreigners) do use different keyboards for that reason. I have not noted that they would be better or faster programmers for that. I would claim the correlation between programming fast and introducing more bugs is much clearer.
As for the dead key, pressing tilde space is not the optimal solution. Especially if you are using ssh over ssh. That means you need to produce 2 tilde characters to control the inner ssh. I prefer pressing tilde tilde. With nested ssh that makes 4 tilde characters. Much easier to type than tilde space because you just hold the AltGr key during all 4 key presses.
Anecdata, but after having some programs break when I used `~` to refer to my home directory (can't remember, was a long time ago), I got into the habit of either using `${HOME}` if I'm in a shell, or just writing the full path explicitly if it's a config file.
So nowadays I only use `~` when I'm navigating in an interactive shell session, and never in commands or config files.
Another source of constant hilarity is when the voice guidance tries to pronounce the names of ring roads in Helsinki metropolitan area: Kehä I / Ring I. They're numbered using roman numerals (I through III) but Maps has no such knowledge of this so it just ends up rattling off the route number and "Kehä / Ring" with the ring road numerals as if they were just a literal letter I.
Sometimes the lane guidance also likes to pick up on the destinations from the overhead signs, trying to pronounce the Finnish and Swedish names with less than stellar results.
When Signal finally drops SMS support, I will also drop Signal. It always was SMS foremost, secure communications second when I initially started using it. Having people on Signal was an added benefit, not the main drive for using it.
For me personally, Signal will turn into a messaging app among dozens of similar apps, of which I have enough already. SMS was why I stuck with Signal over the years I used it and now I have no real reason to stay on it.
I'm assuming you're referring to the VingCard vulnerability from 2018? (https://www.bbc.com/news/technology-43896360)