zlacker

[parent] [thread] 3 comments
1. snoshy+(OP)[view] [source] 2021-01-22 20:12:55
This I'm not so sure about. It will certainly be different, but it's still an open question whether it will be easier to secure from a national security standpoint.

There's the physical security aspect of this, which is as you say, hard to take down when it's decentralized. However, as power generation gets more distributed, we'll naturally start seeing more (if not most) of these pieces of equipment be controlled over networks (private or public), and securing distributed infrastructure from a software standpoint is still a hard problem.

Just look at the state of IoT security today. It's quite bad, and that's not even realistically including nation state attackers in the threat model. I don't expect this to go well with a decentralized grid, at least not for a while initially.

replies(2): >>cobook+84 >>jounke+cv
2. cobook+84[view] [source] 2021-01-22 20:36:50
>>snoshy+(OP)
I'm not convinced that it needs to be internet controlled. Hopefully it uses protocols like BLE or Zigbee requiring proximity. That way such an attack would require being physically near the device.
replies(1): >>jholma+2H2
3. jounke+cv[view] [source] 2021-01-22 23:34:23
>>snoshy+(OP)
Decentralization means rooftop solar, and decentralized control (aka smart meters) have been in place for quite a while in many places.
◧◩
4. jholma+2H2[view] [source] [discussion] 2021-01-23 21:13:41
>>cobook+84
Zigbee devices can form mesh networks. That means viruses on them can form mesh networks. If, in addition to your Zigbee-only home automation gear, you've got a zigbee-enabled internet-enabled hub of some kind, you can get comand-and-control into the network from anywhere in the world. So much for proximity. I worked briefly in a SCADA-adjacent space a decade ago, and people were delivering PoCs back then.

IoT is a raging tirefire. It's hard to even imagine how bad the security situation is.

[go to top]