diy solar

diy solar

FBI warns of Solar System Cyber Threat

BarracudaBob

BarracudaBob

Harvesting free photons from clean fusion
Joined
May 21, 2023
Messages
430
Location
Florida Man
“Maybe it’s name and address, but it’s not you know, I can’t even think of one that’s that I’ve ever seen that’s had like Social Security number, usually don’t even have date of birth,” said RevoluSun co-founder & CEO Josh Powell.

Yeah, thats all we are worried about ...lol
 
ScrotpusGobbleBottom said:
“Maybe it’s name and address, but it’s not you know, I can’t even think of one that’s that I’ve ever seen that’s had like Social Security number, usually don’t even have date of birth,” said RevoluSun co-founder & CEO Josh Powell.

Yeah, thats all we are worried about ...lol
Click to expand...
Back doors can be used to access other devices on your network which could have more sensitive details and the other thing to worry about with something like an inverter is a remote dead switch effectively bricking the device or worse still unlikely but not impossible turning a connected battery into a possible bomb.


Nothing In my rather large smart home/farm is connected to the internet(though I can access it anywhere in the world) it's something I put great effort into learn but the backdoors and security flaws in many of today's products are something your own government would rely on to spy on you not just foreign entities.

Cyber security has always been an issue for many western countries someone with good credentials can earn a very good wage in the private sector whereas atleast in the UK a job working for the government demanding the same credentials would pay 10% of that of the private sector whereas places like china are very cyber focused.

Many typical home routers supplied by your isp's just don't have the capabilities to isolate networks and prevent this kind of thing happening, anyone who seriously would like to secure their data(nothing will stop someone if they really want to get in) but if you don't want to be a easy target look into pfsense/opnsense or openwrt, all of which have a learning curve but some are steeper than others.
 
ThaiTaffy said:
Back doors can be used to access other devices on your network which could have more sensitive details and the other thing to worry about with something like an inverter is a remote dead switch effectively bricking the device or worse still unlikely but not impossible turning a connected battery into a possible bomb.


Nothing In my rather large smart home/farm is connected to the internet(though I can access it anywhere in the world) it's something I put great effort into learn but the backdoors and security flaws in many of today's products are something your own government would rely on to spy on you not just foreign entities.

Cyber security has always been an issue for many western countries someone with good credentials can earn a very good wage in the private sector whereas atleast in the UK a job working for the government demanding the same credentials would pay 10% of that of the private sector whereas places like china are very cyber focused.

Many typical home routers supplied by your isp's just don't have the capabilities to isolate networks and prevent this kind of thing happening, anyone who seriously would like to secure their data(nothing will stop someone if they really want to get in) but if you don't want to be a easy target look into pfsense/opnsense or openwrt, all of which have a learning curve but some are steeper than others.
Click to expand...

Or Mikrotik gear running RouterOS, properly configured (not with factory defaults).

Unless you don't trust it as it is engineered in Latvia and some of it is still manufactured there.

Anything but Netgear, TP-Link, etc.

Couple years ago I was having a half-joking conversation with a couple friends about the confirmed ability to remotely shut off the inverter section of SRNE AIO's and their various rebranded versions.

Whipped up the attached image based on the old "EASY" button from the OfficeMax advertising. Wonder if it actually exists?
 

Attachments

  • shutdown.jpg
    shutdown.jpg
    39.6 KB · Views: 5
Last edited:
v_green57 said:
Or Mikrotik gear running RouterOS, properly configured (not with factory defaults).
Click to expand...
Router Os is based on the Linux kernel same as openwrt but it's more stripped down(easier to use) personally I'm not a fan of either but I do flash tp-link stuff with openwrt to use as access points.

I used openwrt for a while but as I'm not that network savvy I found it a pain to configure properly, I moved over to opnsense(freebsd) after using pfsense for a short stint(didn't offer use of my VPN) and haven't looked back the options are great and the UI is fairly easy to use and I have almost infinite control of my network I'm pretty much the isp for my little community now supplying WiFi to the surrounding family members much to the kids disgust(limit their internet to 1hr a day unless supervised for homework) it also gives me an excuse to have access points everywhere for my esp devices.
 
The above is exactly why I'm a firm believer in open source security, other than the fact I'm a cheapskate. A company might have some of the best people in the business but open source has millions of developers and people willing to pick holes in a OS/program and the speed they can fix a bug/roll out an update is incredible.
 
Rednecktek said:
Ya know, us old coot off gridders are laughing at all y'all right now. :p
Click to expand...
It took me 4 hours to water my garden during the dry period via hose pipe managed to cut it down to 2 hours with simple sprinklers and taps but I still had to check to see if the ground actually needed the water and when to add fertilizer etc now it's automatic and I can check the system 9000km away when I visit family.
My whole system is still isolated(nothing connected to the internet I just have a backdoor into the network) being disconnected and totally off-grid is amazing but just not practical for me sadly.
 
Crowz said:
That's another plus for solar assistant if you trust it. Never configure your gear to get on the net and let SA be the gateway. Or better yet don't even let SA have a direct connection to the net and make your own gateway.
Click to expand...
Agreed!
I read about the interconnect terms for my poco and the communications / control that needed to take place between the inverter... No thank you, I'll do it my way.
 

Attachments

  • IMG_20240718_201514.jpg
    IMG_20240718_201514.jpg
    257 KB · Views: 10
  • IMG_20240718_204444.jpg
    IMG_20240718_204444.jpg
    78.6 KB · Views: 10
It is a different world. The news (OTA via TV antenna) had a short segment about a phone app that would learn your food preferences and suggest restaurants that had menu items that you might like. It seems to me that everyone is getting all too quick to put out in public every possible detail about themselves.

Why people accept using the cloud to run their PV systems is just strange to me. If you can monitor and change things remotely over the Internet than someone else could as well. I can see automation and local control of things but some devices people go crazy to have demand you have an Internet hookup to them.
 
ScrotpusGobbleBottom said:
“Maybe it’s name and address, but it’s not you know, I can’t even think of one that’s that I’ve ever seen that’s had like Social Security number, usually don’t even have date of birth,” said RevoluSun co-founder & CEO Josh Powell.

Yeah, thats all we are worried about ...lol
Click to expand...
Messing with everybody's batteries, inverter, and grid connected devices would be bad enough....
 
Mattb4 said:
It is a different world. The news (OTA via TV antenna) had a short segment about a phone app that would learn your food preferences and suggest restaurants that had menu items that you might like. It seems to me that everyone is getting all too quick to put out in public every possible detail about themselves.

Why people accept using the cloud to run their PV systems is just strange to me. If you can monitor and change things remotely over the Internet than someone else could as well. I can see automation and local control of things but some devices people go crazy to have demand you have an Internet hookup to them.
Click to expand...
I was tempted to take an HDMI output from solar's assistant and then somehow have that available via internet so I can monitor things but there was no way you could get back to the raspberry pi to make changes
 
  • Like
Reactions: Rho
BarracudaBob said:
I was tempted to take an HDMI output from solar's assistant and then somehow have that available via internet so I can monitor things but there was no way you could get back to the raspberry pi to make changes
Click to expand...
Teamviewer
Use it to log into a junk phone near the SA and log in via Bluetooth?
 
Yeah, a VPN into 'home' lets you do everything, but of course it's only as good as your VPN's security, which is probably somewhat related to how much you paid for it.
 
I've got a Sol-Ark and I use their cloud service. More than once I've considered disconnecting it. The fact that I can change the settings scares me but I'm also in the initial setup/monitoring phase. If you've seen their cloud migration, it's not been smooth and I got hit by a bug that limited my PV output. I guess I have less of a problem if it reports data but I, as the owner of the product, should have the ability to deny any and all changes from occurring. There should be a strict read-only mode. Wishful thinking I know...

Side note: I'd hate to be a Crowdstrike customer today.
 
Last edited:
You must log in or register to reply here.

Similar threads

M
Solar/Battery/Grid system based on EG4 18KPV Powerpro
2
Replies
49
Views
3K
solarlunar
S
T
14.4 KW solar, 40.96 kWh backup, 2 solark 15k inverters, off grid family home, doable or delusional?
2 3 4
Replies
83
Views
6K
Bop
B

diy solar

diy solar
Back
Top