this post was submitted on 09 Aug 2024
89 points (96.8% liked)

Technology

58135 readers
4076 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
89
512-bit RSA key in home energy system gives control of “virtual power plant” (arstechnica.com)
submitted 1 month ago by GreenEngineering3475@lemmy.world to c/technology@lemmy.world
24 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] catloaf@lemm.ee 50 points 1 month ago

Castellucci, whose pronouns are they/them, acquired this remarkable control after gaining access to the administrative account for GivEnergy, the UK-based energy management provider who supplied the systems. In addition to the control over an estimated 60,000 installed systems, the admin account—which amounts to root control of the company's cloud-connected products—also made it possible for them to enumerate names, email addresses, usernames, phone numbers, and addresses of all other GivEnergy customers (something the researcher didn't actually do).

tl;dr: hacker (the good kind) exploits weak encryption key to gain access to the utility's management system. Because you too were probably wondering how key length and power generation could possibly be related.