I suppose it could make routing by physical proximity easier.

It's self configuring, good for rolling out a large project.

It also means they don't have to rely on installers to enter the correct serial number and hose number in a system, saves a lot of work and fault finding. Why it's not encrypted? If the radio uses GPS coordinates for routing it would probably be too cpu intensive to decrypt each packet.

@@mrfrenzy. and it's easier to "disregard" based off arbitrary information as long as the GPS data is unencrypted. Wouldn't work in the boonies, but could be "self learning". Just my $0.02

@@mrfrenzy. CPU resources in these meters aren't the problem. Heck, I can use encryption with ESP8266 without an issue. Problem is key management. They have to keep track of the encryption keys and if they bork that up hundreds of man hours in trying to fix all those broken meters.

Glad you were able to get a peek behind the curtain! More on the protocol at: wiki.recessim.com/view/Landis%2BGyr_GridStream_Protocol

Ach...interessant... Do you have a link too? :-)

germany=little china

The smart meters gateways in germany are practically the same in the netherlands right? We can use a RJ11 connector and shove it in and read it all

@@xusdom Sage jetzt mal keinen Namen, aber wir sind schon ziemlich weit vorne wenn es um SMGW-Testsysteme geht ;)

Thanks, that means a lot! Glad you’re enjoying it.

Can confirm!

Thanks for watching!

MTM ;)

Thanks, really appreciate that! Glad you’re following along.

Thanks for watching, appreciate your kind words.

That idea is actually what started me down this path years ago!

Thanks! I feel the same way when some random thing pops up. Happy the AI Algo was able to read my mind 😂

It's astounding the lengths authority will go to. Open,, 360 degree, unencrypted data is free reign to anyone who cares to listen. Does the law cover listening or acting upon what you hear/discover?

@@ianhelsbyservices Yeah I agree, the ruling shocked me too as pretty far-reaching. As for it's general applicability, see any discussion of how the Wiretap Act is applied, though I think the gist is any form of interception of communication where you were not the intended target while using covered mediums is a violation. Usage of the information is immaterial AFAIK. Obligatory I am not a lawyer, just got a CS degree and took Computer Law.

It’s one of the main problems, the CFAA was recently amended I believe to cover “good faith security research” which is what I would consider I am doing. If people like us don’t actively search for vulnerabilities for the public good, we leave vulnerable systems that can be exploited by bad actors. I was doing it prior to the CFAA change, but fundamentally I believe it’s worth the risk. If you believe something is unjust, you gotta take a stand. Thanks for commenting!

@@RECESSIM Ah yeah excellent point, I definitely believe you're doing a good thing. I'm sure the DOJ has plenty of better things to do with their time :)

Fingers crossed!

Polar satellites excite me, fun to watch them pop up over the horizon, then listen to their beacons. then they go bye bye. A radio telescope would be fun, but alas neighbors. trees, and nasty noisy ISP cables.

That’s a great idea, could also use different icons depending on uptime.

@@RECESSIM Something like a heatmap with different colors to show low to high uptime would be great.

This would be good info when researching a purchase of a new home... Which homes have high power uptime

Thanks a lot! It’s been a great learning opportunity. Glad you enjoyed the video.

Hey Jim, I had one of those ZigBee readers too! Was surprised when it was discontinued. You can find me in the Discord server linked off www.recessim.com or email info there.

@@RECESSIM Managed to get signed in to the Discord server, said hello in #general but can't find an email address I can email except for the consulting address, which I did email but not sure if it works.

Give it a go! Oncor network is fun to monitor

Thanks! That’s interesting information. Any insight into the data that appears to be encrypted/encoded/compressed?

Thanks Mark!

Could be worse, you could have been on TikTok 😂

I see some things I need to add 😮

Just wait until we decrypt this data 😳

@@RECESSIM I know haha. Looking forward to it 😀

@@RECESSIM Not sure about your meters in the USA but here in the UK the payloads are encrypted using RSA Elliptic Curve. My info on that however is ten years old, I haven't worked in the industry since 2013.

@@RECESSIM What do you need to be able to decrypt it? Just a ton of computing horsepower to throw at it?

Likely to find a flaw in the implementation, poor key management, or something like that. Brute forcing it probably wouldn’t work. Where there’s a will, there’s a way! 😁

Appreciate that brother 👊🏽

Thanks for following me on this journey!

Glad you enjoyed it!

Sounds like something fun to analyze!

I have some iTron and Silver Spring Networks meters but haven’t spent a lot of time with them. Did setup the SSN meter and capture a bit of data to see what it looked like. Fun seeing how various systems are designed. What did you work on? Software, hardware, overall architecture?

@@RECESSIM Yep. I'm familiar with SilverSpring and iTron too. I worked on embedded software for Trilliant, on their SecureMesh, cellular and long range technologies. So yes, a lot of involvement with system design and hardware design too.

Very cool, love wireless networks. I read the IEEE paper some of the L+G guys wrote on this network. I’m sure working on/designing the ones you were a part of was a challenging and rewarding project.

@@RECESSIM You quickly learn that even the most improbable bug requiring the craziest coincidence will still happen in the field when you have millions of units running the same piece of software. Participating in the design of new protocols and new standards was fun, be it within IEEE, IETF, ZigBee or others. The challenge of building lots of features to a really low cost - saving a penny is worth it. New technologies such as embedded tiny OFDM radios, network stack doing TSCH (Time Slotted Channel Hoping) with very precise timing to the microseconds, synchronized Network wide. Or just dealing with the biggest cellular carriers. Yes, the challenges were endless and the tech very fun and rewarding. I kinda miss it. But I've done other cool stuff since too.

Thanks a lot for commenting, very interesting stuff you’ve worked on. Gives me things to read about this weekend! :)

I was editing the video and was going to show the code on the screen… At that moment, I realized it was indeed complex 😂

@@RECESSIM I am sure the data extraction techniques you are doing is full of hard coded magic.

I started looking at the .NET source code I have from the Collector video from a year or so ago… There are some libraries in there that make more sense in light of this new data I found 😎

CRC = Cyclic Redundancy Check. Serves pretty much the same purpose as a checksum, only better. See Wikipedia for a decent explanation. SDR = Software Defined Radio

Yeah, some people can be very abnoxious, not sure if i typed the good word :) but on the otherhand if you dont show big emotions, stay calm like he does you can be secure of them, not attrackting.

@@TymexComputing In my experience, simply being a "tall poppy" is all that is needed for some.

Any additional eyes are appreciated!

Funny enough that exact thought 5 years ago is what made me start researching this! Great minds… 😀

While that would be super illegal, it would also be dirt slow. These mesh networks aren't designed for bandwidth.

That’s a very cool application!

I don’t golf, but a lot of people play it so it must be nice!

Any feedback for me? Appreciate you watching it!

Thanks for the comment

In my experience I was dealing with Intel from multiple sources and while looking for formated data like IP and MAC it was all obfuscated differently by every data source. Without an exception output file I'd miss an indicator. The same routine helped identify identical data from multiple sources:) happy hunting!

Most likely they do not, the network is supposedly self-healing and will choose the best path given any obstacles (truck parked in front of a meter) in the way. But baring any environmental change, it’s probably pretty consistent. Just a guess though

What do you think happened to me 5 years ago! Run while you can! 🏃‍♂️ 😂

They shut down that service for Oncor customers in Dallas a few years ago.

It’s called GNURadio, great question! I’ve been using it so long sometimes I forget to explain the high level items.

@@RECESSIM Thanks!

Its believing that internally every human is good, and that feds alreeady Got that info from his Meter ;)

👊🏽

Nice fear mongering. Finding substations is trivial with satellite images. And it doesn't take complicated AI to find them. (hint: look for the long straight lines where trees have been cut down for transmission lines.) Took me a few minutes to find the two stations in NC that were recently shot.

@@jfbeam it takes a lot more effort than simply listening for gps data for sure. "and it doesn't take complicated AI" is an understatement of the year. No only you need good satellite imagery of the area you'll get lots of false positives too which require manual review. Let's say your house is in Eastern Ukraine right now, 20 miles from the front line, well in range of dumb artillery. The adversary has horrible logistics and crappy communication so there is no high resolution satellite imagery making its way to individual units at the bottom of the chain(their military coms are radios made in late 80 if they're lucky) , but their soldiers have mobile phones with internet access(which they fear to use most of the time, but they do use to find civilian targets of opportunity - high rises etc) and both sides are equipped with sigint vehicles (so interception if such signals as those we're talking about is trivial). Would you in such environment want to broadcast your home's and a local substation location? Also it is entirely possible to have subterranean substations which may not be visible (due to cables underground etc), but those too can have convenient antennas disclosing their location.

(a) almost all residential power is single phase. (b) residential power can come off any phase. unless you go look where your transformer is fed, there's no way to know. (powerco records will know, but the customer doesn't.) (c) he's listening to the RADIO communications from Smart Meters. A 3ph commercial meter will look almost exactly like a residential 1ph meter, maybe with a little more data in it.

@@jfbeam (a) sure that's normal (b) agree (c) the multiple meter response as he makes a request of his meter and the data collection process for the power company might require data from the other phases at the same time.

Whilst the meters here have that functionality enabled... there's still the legal issue of whether retailers can actually turn off the power. In my particular case, if my retailer disconnected my electricity they would be liable for a $20,000 fine per offence as I'm registered for life support. Doesn't mean I can just up and not pay my bill, but does mean they can't turn me off without negotiating first.

Actually, they DO have security in mind. (but they are limited by what they can do for pennies.)

@@JamesTK Exceptions to prove the rule. In fact most states have rules about turning off power when it could cause loss of life. (i.e. in winter when people need to be able to heat their house.) Even in your case, if you stop paying the bill, they _will_ eventually turn your power off.

@@jfbeam eventually yes, not like I can just keep not paying forever. In the life support case they would likely have to give notice that they'll disconnect at some point. Not sure what that process would be since I generally pay my bills lol

Would love to grab some coffee and chat, hash(at)recessim.com