Buggy ‘smart meters’ open door to power-grid botnet : brilliant. ‘The vast majority of them use no encryption and ask for no authentication before carrying out sensitive functions such as running software updates and severing customers from the power grid.’ Even worse: IOActive’s demo worm ‘exploits an automatic update feature in the meter that runs on peer-to-peer technology that doesn’t use code signing or other measures to make sure the update is authorized.’ omgwtfbbq
(tags: security smart-meters home technology stupid code-signing updates upgrades p2p power ioactive)