I attended a lecture by Rebecca Herrold, the chair of a NIST committee. Her lecture was about this topic. She made a compelling case for some sort of national policy to cover the issue of privacy and the smart grid. She also argued that privacy is an ill-defined term and is especially ill-defined in terms of a smart grid.
There were many law enforcement officers in the audience. They asked very alert questions about trend lines in electricity use. Specific questions about grow lamps were discussed as well. It is clear that they were very interested in electricity usage patterns. Here is more information than you want to read about the topic from NIST: http://csrc.nist.gov/publications/nistir/ir7628/nistir-7628_vol2.pdf The NIST committee did a great job with this paper. Wayne Hauber (515) 294-9890 Iowa State University Information Technology Services IT Security and Policies 297 Durham Center, ISU, Ames, Iowa 50011 [email protected] > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of [email protected] > Sent: Sunday, October 23, 2011 2:15 PM > To: [email protected] > Cc: [email protected]; [email protected] > Subject: Re: [funsec] Oh, please ... > > On Sat, 22 Oct 2011 15:44:29 PDT, "Rob, grandpa of Ryan, Trevor, Devon & > Hannah" said: > > > How horrendous! If someone can crack the encyption, figure out the > > band being used, and figure out how to trigger the meter dump, they > > can find out whether you've been using a lot of electricity! > > But that's not the actual problem. Unless it reveals that I use *so* much > electricity that I'm probably growing pot plants in the attic, a one-shot > number doesn't reveal much. When it gets interesting is if I do it every hour > or every 15 minutes. I can build up a nice plot of energy usage - and then use > that to infer other things, like when you're running major appliances, when > you go to sleep, when you wake up, when you leave the house, and when > you return. > > Suddenly it becomes a lot more interesting data for the enterprising burglar > or stalker. > > > (Surely it would be easier to read the dials on the existing meters > > ...) > > Yes, but if I'm trying to figure out what hours you are and aren't at home so > I > can burgle you or otherwise do something nefarious, it's a heck of a lot safer > to ask your electric meter every hour from a remote location than sneaking > up to your house and looking at it every hour. > > Plus I can easily automate naving a PC do a network probe every hour, even > when I'm asleep or cooking dinner or something. Getting my PC to sneak up > to the meter every hour and read the meter is a bit of a challenging robotics > project. > > ;) _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
