[Discuss-gnuradio] GNU Radio & wireless SmartMeters

[Dave]

On Tue 20 Nov 2007, at 11:07 PM, John Gilmore wrote:
> > Soft-DVB working flawlessly ...
> > thanks again for precious help,
>
> Thank *you* for building a great tool on top of all the signal
> processing work that's been poured into GNU Radio over the years.
> We hoped someone like you would do things like this!

I second that!

Sidenote: I'd also like to thank Firas for his first approach at  
documentation. With due respect to everyone doing all this great work  
with GNU Radio, this signals the beginning for the rest of us (non- 
radio engineers) to begin to understand and fully appreciate its  
significance. Who knew, after that first meeting in Fry's  
Electronic's cafe, that the project would take off in this great way. :)

> ... I can already think of one use that others can make of your
> transmitter.  EFF and I are interested in measuring the DRM responses
> of various digital television consumer products. ...

That's an excellent idea, John.

I can think of another as well... maybe you'll consider this, even if  
it's still some time away from being widely implemented...

As some of you (e.g. those in the San Francisco Bay Area) may already  
be aware, the electrical power company here (PG&E, or Pacific Gas &  
Electric) is now beginning to beta-test a "SmartMeter™" on 8,500 San  
Francisco homes and businesses [1].

After years of development (involving close work with the EPRI, or  
Electric Power Research Institute, a power industry consortium of  
large utility corporations), PG&E has selected a new type of electric  
power meter from SmartSynch, Inc. [2] that can wirelessly transmit  
massive amounts of data about your building's electrical usage to a  
radio receiver nearby in your neighborhood. From those base stations,  
the data is sent over an "advanced communications network" (meaning  
fractional T1?). Although PG&E has "no plan to utilize the device's  
real-time capabilities", the feature is nevertheless fully present in  
the beta devices... it is "just not turned on", according to a semi- 
trained SmartMeter representative I spoke with, the feature is  
nevertheless fully present in the beta devices... it is "just not  
turned on". Of course, we all know how terribly trustworthy and super- 
civic-minded these power companies are, right?

Some of you may already be familiar with the privacy and security  
issues regarding wired home power circuits. Using current wired power  
lines, an entity with sufficient access to a building's wiring could  
determine (with considerable accuracy) what people are doing inside  
by tracking the voltage spikes of devices (e.g. appliances) plugged  
into the wall. These days, this means virtually everything in the  
house, including Japanese electronic toilets, kitchen refrigerators,  
corded "massagers", bedside lamps and clock-alarms, etc. You get the  
idea. Security researchers as far back as the 80's described and  
later demonstrated TEMPEST-like surveillance capabilities, using  
devices built from common off-the-shelf parts, that could extract a  
viewable monochrome image of a computer display device (any type, not  
just CRTs) anywhere on a building's power circuit, after picking it  
out of all of the other devices by progressively "tuning in" to  
characteristic voltage patterns [3]. When "home ethernet over  
electric power wire" kits recently became popular for retrofitting  
networks in older buildings, new attacks on your home network  
connection became possible [4].

Soon, enormous quantities of power metering data will be broadcast  
wirelessly.

Because it is so "convenient" for Customers (they couldn't really  
explain to me how, yet they used that word), PG&E expects to install  
these SmartMeters on nearly every urban structure in California  
within 5 years. Where California goes, so goes the rest of the US.  
Within 10-20 years, as the manufacturing and installation costs fall  
(economies of scale) and the technology is transferred to other  
countries, it is reasonable to imagine that SmartMeters will become  
extremely common worldwide. Imagine all of that fine-grained power- 
use data, broadcast into the air 24/7/365. Now, though the technical  
security specifications are unavailable (or "coming soon" [5])  
considering the complexity of the PKI (public key infrastructure)  
that would be involved for the encryption, you can probably imagine  
how unenthusiastic the power companies are about implementing a  
robust security infrastructure for these transmissions... what a  
headache for their IT departments, right? On the other hand, the  
world's intelligence agencies must be absolutely drooling with  
anticipation... it's a magical backdoor into Everything that is so  
"transparent" that hundreds of millions of power consumers will never  
give it a second thought.

Perhaps a GNU Radio tool for interacting with the wireless signals  
from SmartMeters (and similar devices) might make it possible to  
better protect people from unwarranted intrusions into their private  
lives by:

    * Sniffing the data, i.e. for auditing and/or analysing what  
data the
         power companies are extracting from your meter, just to "keep
         them honest",
    * Selectively suppressing the signal and aggregating the data  
(so that,
         e.g. it could only broadcast a total power usage number at  
midnight
         on one night every month (allowing the power company access to
         only the data required for billing purposes, just like they  
used to
         have),
    * Preventing interference with cellular/handheld telephones,  
pacemakers,
         digital television broadcasts, etc by ...attenuating or  
jamming the
         signal close to the source? (if this is even technically  
feasible
         with radio without making the interference worse...)
    * Forcing open source encryption of the signal to the  
neighborhood base
         station to encourage the power company to implement security
         measures that place the PKI control in the hands of the  
consumers,
    * Mixing random data in with the signal to, e.g., make every  
device in
         the house appear to randomly turn on for a few seconds at  
intervals
         of a few minutes (while preserving the total usage numbers  
so there
         is no fraud), effectively preventing analysis of the  
individual
         device usage in your home,
    * Piggybacking on the transmission capability to build large ad hoc
         wireless networks for free neighborhood TOR networks between
         houses, and...
    * Other creative uses?

Comments or additional ideas are most welcome.

   dave

______________________________________________________________
Dave Del Torto, CSO                           +1.415.333.3003
CryptoRights Foundation, Inc. (501c3)        cryptorights.org
    "Securing human rights worldwide, one bit at a time."


........................................................................
[1] <http://www.pge.com/smartmeter/>
[2] <http://www.smartsynch.com/>
[3] <http://jya.com/emr.pdf>
[4] <http://reviews.cnet.com/bridges/siemens-speedstream-powerline- 
ethernet/4505-3304_7-20684584.html>
[5] <http://www.smartsynch.com/support/tech_library.html>