Forgot your password?
typodupeerror
Privacy Your Rights Online

Smart Meters Reveal What You're Watching 170

Posted by Unknown Lamer
from the we're-always-watching dept.
xororand writes "H-Online reports that 'researchers at the Münster University of Applied Sciences have discovered that it is possible to use electricity usage data from smart electricity meters to determine which programmes consumers are watching on a standard TV set. By analysing electricity consumption patterns, it is, in principle, also possible to identify films played from a DVD or other source.' It's time for some clever EEs to come up with a countermeasure. Unfortunately alumfoil hats have already been dismissed."
This discussion has been archived. No new comments can be posted.

Smart Meters Reveal What You're Watching

Comments Filter:
  • by MightyMartian (840721) on Tuesday September 20, 2011 @04:19PM (#37459824) Journal

    I'm guessing if you built a plugin AC device that just sort of created random draws on your electrical supply, say ten times a minute, for random durations, I imagine that would pretty much kill any leak of such information.

    • It will kill any leak, but explode your electricity bill :-(

      • by vlm (69642)

        No all you need to screw up their signature is "about equal to a TV".

        Now insert the stereotypical /. complaint from coasties that they can easily afford a $1200K house on their $50K salary the only problem being the 15 cent per KWh draw of their 200 watt TV will surely bankrupt them. Happens every "electricity consumption" /. article. Close on the heels of the "The average american watches TV 8 hours per day, works 16 hours per day, sleeps 8 hours per day, and commutes in their vehicle at 5 MPH on the fre

    • Re: (Score:3, Informative)

      by MatthiasF (1853064)

      You could also buy a cheap uninterruptable power supply (battery) or line filter (capacitors) for the same effect.

      Unlikely the battery or filter would draw 1 for 1 from the wall and would probably smooth the signal out enough to be indistinguishable.

      • by PIBM (588930)

        Actually, there`s always a non-neligible loss of power from the AC => DC => AC conversion :(

      • That's a good point. A UPS isn't a bad idea for your electronics, and can save you from nasty things like lightning strikes and overloads.

        • A surge protector is fine for those situations, and much cheaper. What a UPS offers, often in addition to surge protection, is mitigation of brownouts (drop in power below normal level) and blackouts (total loss of power). You can pick up units for £40 from online retailers which will suit a home user just fine.
      • by dougmc (70836)

        You could also buy a cheap uninterruptable power supply (battery) or line filter (capacitors) for the same effect.

        A (cheap) UPS generally latches it's output directly to the A/C input rather than conditioning the power in any way beyond a surge protector. If there is a problem with the incoming power, it disconnects the A/C input and switches to battery in a fraction of a second, but until that happens, it wouldn't do much to mask exactly how much power is used from instant to instant (beyond the small amount of power it consumes itself, mostly to charge it's battery.)

        Some fancier UPSs are always powered by the batter

        • by Muros (1167213)
          You got there before me. Cheap UPSs have a mechanical switch. Inline UPSs are much more expensive.
        • by Grishnakh (216268)

          The only problem with the inline UPSes is that they also use a fair bit of power, as there's significant losses in doing continuous AC->DC->AC conversion. Our electronics are inefficient enough as it is.

          It's too bad no one makes ATX power supplies with built-in UPSes any more; PC P&C used to make one many, many years ago. By building the UPS into your computer's power supply, you eliminate two conversion steps (AC->DC(+battery)->AC---->DC changes to (AC->DC(+battery)). For servers

          • by camperslo (704715)

            Use what amounts to a UPS (the inverter section), but keep the batteries charged up with a couple of solar panels. Feed the panels into a switching regulator, but change the regulators feedback voltage sampling point to the INPUT and set it to load the panels down to the optimum voltage where they deliver maximum power output. There needs to be a kill mode to prevent overcharging, or perhaps divert some D.C. into other loads like a PC that's always on (also with a kill mode for when the main supply is off)

      • by mrmeval (662166)

        The line filtering and surge suppression in a UPS is active all the time but the batteries are not. A ferroresonant transformer will smooth out transitions in both directions; it is an always on device.

        http://www.allaboutcircuits.com/vol_2/chpt_9/6.html [allaboutcircuits.com]

        The transformer does smooth fast transients from either load or line but there is still variation. I've only used the ones for computers that have a clean sinewave out.

        There are ones so noisy they'd swamp any line monitoring but using them for electronics is

    • by Artraze (600366)

      You could just do it with a cron script or similar. I doubt the variance they're picking up is any larger than the difference between idle and full power on a modern desktop computer. Hell, just leaving a bunch of tabs open on Firefox while watching TV may provide enough variance to prevent this analysis.

      • by DarkOx (621550)

        Probably not a cron script. If you introducing noise to obfuscate information that might leak through a side channel attack like this you want that noise to be as random as possible. If its predictable someone may be able to work out that pattern, interpolate what the side channel data would look like with out it, and then run their original analysis.

        What would be better is a little C program that read a byte two from /dev/urandom, slept that number of ticks, woke up did some calculations on some more ran

        • by Artraze (600366)

          That's not really going to do it. This attack seems to rely primarily on the dynamic back lighting in modern LCDs. That and the line about "second by second" implies that the detection bandwidth is 1Hz, and more likely minute long detections of average light and dark periods which they then correlate to known values in the streams they're searching. As this is very low frequency, you'd want your noise band to be more like .001 - 1Hz rather than 10 to 1000 Hz as you are implying, where it would average ou

    • It might well be easier(and possibly even more efficient) to plug the object you don't want leaking data into a proper dual-conversion UPS, tweaked slightly to allow itself to discharge to a random level(somewhere between 50 and 90 percent, say) before starting a charge cycle.
    • by Reece400 (584378)
      Two TV's on at the same time, on different channels?
      • by Thud457 (234763)
        That's what I'd do if I had a million dollars.
        • by owlstead (636356)

          You don't need a million dollars to own two TV's. Second hand TV's especially come pretty cheap (compared to many other costs anyway, not that that matters if you are broke...)

      • by owlstead (636356)

        And they would find out what you are displaying on two TV's, and the one that never zaps, or zaps in the middle of the movie, that's the one you are not watching.

    • by owlstead (636356)

      And, knowing a bit about side channel attacks and statistics, you would be wrong.

    • I'm guessing if you built a plugin AC device that just sort of created random draws on your electrical supply, say ten times a minute, for random durations, I imagine that would pretty much kill any leak of such information.

      Like a refrigerator or lights, a/c, heat, water heater, etc... Sure not one appliance ten times a minute, but certainly many appliances running randomly. I usually have more than just a TV drawing power at anyone time, assuming the TV is even on.

  • Light and dark passages in these films, large volumes of data, and a minimum of interference from other devices are the key to performing this analysis.

    turn on a motor that draws at least 0.5A and you should be safe from those boxes....

    • They say that "a minimum of interference from other devices". Right, except my electricity meter is for my house, and it has many other devices. So unless you think I'm going to turn off all my lights, my computers, unplug my fridge, shut off my A/C, and so on when I watch a movie, then I can't see this working.

      Also there's the fact that light vs dark really doesn't have much difference in terms of power draw on an LCD. Yes there is a bit used to change the crystals, but not nearly as much as the backlight.

      • by Artraze (600366)

        Lights, Fridge, A/C don't provide much noise, and neither will an idling computer*. The last is largely because many people these days use laptops (low power with a big filter to begin with) and often leave them sleeping or with no apps running. Of course, if they're actually using it while watching TV, then all bets are off.

        The thing about TV's, is what you said would be true for CRTs and early LCDs, but I think this will depend a lot on the dynamic features that LCDs employ. Very dark scenes diminish t

        • I disagree with you, I was in a lab in a past life, that use to develop software to detect things that I can't talk about but I can tell you without breaking my NDA that the fridge compressor was our worst enemy.

          • Also I can tell you that the application was not for any three letters agencies neither was it for the police forces. I would not break anything by telling that it was a modified smart-meter from a European company. That as far as I can talk about it without getting sued...

            • The fridge in my lab uses peltier devices, specifically so we do not have a fridge compressor.
              -nB

        • My computer at idle varies from 71 to 88 watts according to the UPS plugged to it, with the nominal being 73-76. That is because it doesn't really "idle". It has near a hundred processes loaded. So if one of those decides it needs to do something and takes more CPU time, the cores spool up a bit and more power is used. Same deal if it decides something needs to happen with the SSDs, and so on.

          The A/C, well I have no way to monitor that but I know enough about the operation of such a device to tell you that

      • by geekoid (135745)

        This is for a smart meter set up. So individual devices.

        • http://en.wikipedia.org/wiki/Smart_meter [wikipedia.org]

          Smart meters just talk to the utility company more often. It is still a single point of reading because that's all they care about. The power company doesn't give a shit what I spend my power on, they just need to know how much so they can charge me for it. Not only would they have trouble getting people to agree to monitors on every outlet, but there's no way they'd want to bear the cost, or the insurance issues. They want a single point of demarcation past which not

      • by russotto (537200)

        They say that "a minimum of interference from other devices". Right, except my electricity meter is for my house, and it has many other devices. So unless you think I'm going to turn off all my lights, my computers, unplug my fridge, shut off my A/C, and so on when I watch a movie, then I can't see this working.

        Less of a problem than you might think. You have a set of known power profiles for the signals you're looking for. You correlate each with the meter readings. If one or two correlations is much be

    • by plover (150551) *

      Back when Google Power was thinking about happening, I once figured out how a burglar could use the output of a smart electrical meter to determine usage patterns that would indicate homeowner occupancy. There would be a very characteristic double spike that would bracket a very common garage door opener's usage pattern -- when it's time to leave in the morning, the door would open causing a 30 second draw from the motor as well as a draw from the lights, after 30 seconds the motor would shut off but the l

    • by Darinbob (1142669)

      No way are you going to make me vacuum during my favorite shows!

  • Why do it like this when the cable box can report a lot more info about what you are viewing and does not need new hardware to pull it off.

    • Well, for starters, I'm assuming the cable company wouldn't want to be sharing its data with the electric company. Second, this is useful for anyone who doesn't have a cablebox. Cablecards installed into a TV, PC, or anything other than a cablebox are inherently one-way devices. The current spec has no mechanism for them to do 2-way communication (unless it's a SDV system that requires a tuning adapter). The same is true for the little DTA devices and QAM tuners.

    • by marnues (906739)
      To add to the other commenter, cableboxes are mostly one-way devices as well. They keep trying to implement 2-way communications, but even if the box is capable the cable company I work for does not implement this. Video engineers are a dying breed because they don't want to learn about things like 2-way communication and packet switching. I can guarantee that once the network engineers have their way and video is just another packet service, the pipes will be cleaner, your digital feed will be much smoo
    • by Darinbob (1142669)

      Because that idea spoils the whole "smart meters are evil and are corrupting our vital bodily fluids" theory.

  • And what if the TV, STB and various players are connected via a battery backup?

  • by Andy Dodd (701) <atd7&cornell,edu> on Tuesday September 20, 2011 @04:27PM (#37459946) Homepage

    In the cryptography world, this is known as a sidechannel attack - specifically DPA.

    "It's time for some clever EEs to come up with a countermeasure."
    There are plenty of countermeasures for DPA in the crypto world - However:
    1) The negative impact of this is a hell of a lot lower than key extraction
    2) The positive effects of having power consumption tied to scene brightness are significant. Localized backlight dimming means that a scene with low average brightness uses less power. OLED displays take this to another level - black pixels use no power.

    Also - In this case it appears they were only able to identify which channel a TV was tuned into. DVR makes this MUCH more difficult because fast-forward/rewind vastly increases the number of datasets you need to compare against. Also, while in theory you could identify a DVD, the selection of possible DVDs is so great and the amount of noise in the measurements is such that you're never in practice going to be able to identify someone's watched content reliably.

    • by plover (150551) *

      DVR probably doesn't change the equation much at all. Yes, there are very few patterns to match if you say "let's watch for identical channel patterns to what is being broadcast right now." But real pattern matching could be used to match on subsets of the data: 30 seconds of programming at a time might yield enough information to narrow down a clip to a very finite subset, and preceding and following clips would eliminate collisions resulting in the identity of a particular show.

      This technique would wor

  • And most new cable boxes include a DVR.

    Of course, the reason a DVR negates this is that they draw a huge amount of electricity even when you are not watching the show. They are the biggest single draw of electricity most people have. Incredibly wasteful, but so addictive.

    That is because current versions always need to be "on" if you want to record something when you are not around to turn it on.

    Supposedly, new versions will be able to go into 'sleep' mode until their internal clock says it is time to

    • by geekoid (135745)

      " biggest single draw of electricity most people have. "

      citation needed. I would doubt it pulls more power then my electric stove. or furnace.

      • It is on more often than your stove, and maybe more than your furnace. The article I read stated DVRs were a bigger drain than new energy efficient Fridges which used to be second only to AC as power draws.

        I was feeling pretty bad about my 2 Tivo habit, so I googled it and apparently Tivo got some Energy Star rating not too long ago for power savings versus their previous models.

        And to the detriment of the GP, a DVR with pretty much consistent power usage decrypting content and constant spinning hard drive

        • by Wovel (964431)

          My pull pump draws a continuous 750 watts...DVR would have a hard time keeping up.I realize we have intelligent pumps now that would pay for themselves in short order, but this one is my friend.

        • by PIBM (588930)

          Depending on where you live, heating can easily be the highest energy consumption. All my computers (multiple of them) on 24/24, NAS, 24 port switches, laser printer (idling most of the time), tvs, surround receivers, along with all the remaining electrical things running in the house beside the heating furnace uses 28% of the total energy consumed per year (yes, it`s all metered), and we are well insulated, triple pane glass etc.

      • by vlm (69642)

        " biggest single draw of electricity most people have. "

        citation needed. I would doubt it pulls more power then my electric stove. or furnace.

        I've seen those studies, and it is true if you live a nearly amish lifestyle w/ respect to other electronic devices. Perhaps in a small dorm room? If you exclude everything that can compete, what you want to win usually wins by virtue of being last standing. Also cherry pick the oldest, most wasteful DVR that has ever been deployed in at least quantity 1 to at least one home on the planet. I haven't been able to follow the money to figure out what they are trying to do, maybe they own patents on saving

        • by plover (150551) *

          Judging from the heat they produce, I think my cable boxes draw somewhere around 50 watt-hours each in "standby" mode. I need to plug my Kill-a-Watt in to doublecheck, though.

          Those suckers emit the heat 24 x 7. I don't mind so much in the winter, but in the summer I'm paying extra to pump that heat out of the house.

          Just found on line where someone measured theirs with a kill-a-watt and they draw 45 watt-hours in use, and 42 watt-hours in standby. Definitely not green.

        • by Wovel (964431)

          Also, if you effectively skip commercials, the DVR probably pays for itself because your TV is on less.

  • And using a UPS should easily defeat this. Move along, nothing to see here.
  • A similar effect can be achieved by analysis of photon leakage through amorphous silica, aka looking through your living room window.
  • simultaneously running an identical device with an inverted signal? Now may I please have my daily allotment of tinfoil? Yummy!
  • by StikyPad (445176) on Tuesday September 20, 2011 @04:39PM (#37460128) Homepage

    Countermeasures already exist. They're called capacitors.

  • Anybody who can hack into the communications link (already published -- easy to crack) can tell if you are home or not. Ideal for someone wanting to break in. Also, a working husband can easily track a stay-at-home (maybe) wife's activity.
  • The feds can just ask the cable companies what you are watching. They'll cave.
  • by vlm (69642) on Tuesday September 20, 2011 @04:41PM (#37460156)

    I think the key in the article is "standard TV set" by which they mean a CRT. A CRT varies its HT current draw by scene brightness, and its quite visibly obvious when troubleshooting. Heck even a cheapie consumer grade wattmeter could probably detect it. On /. a CRT is probably not considered a "standard TV" anymore, but out in the real world, deployed CRTs on the ground showing shiney pictures probably still outnumber all other deployed and working technologies, at least for a few more years...

    On the other hand, the florescent backlight in my piece of junk basement LCD TV is constant power draw, no matter if the LCD pixels let light thru or not. The LCD pixels themselves draw about the same no matter scene brightness. Anyone who's ever done anything with embedded systems knows this... the LCD display itself is usually rated around a milliamp, most of which is wasted in the control ckts, and the backlight usually draws a good fraction of an amp. Even allowing for much higher current draw for fast moving scenes and higher contrast, I'm betting the backlight still wins for power draw.

    • by owlstead (636356)

      "I think the key in the article is "standard TV set" by which they mean a CRT. A CRT varies its HT current draw by scene brightness, and its quite visibly obvious when troubleshooting. Heck even a cheapie consumer grade wattmeter could probably detect it. On /. a CRT is probably not considered a "standard TV" anymore, but out in the real world, deployed CRTs on the ground showing shiney pictures probably still outnumber all other deployed and working technologies, at least for a few more years..."

      Maybe in t

    • by BillX (307153)

      Like mentioned in other posts - this does not only work on CRTs (of which Plasma is a type), but also *most* modern LCDs as well as the LED/OLED screens that are already beginning to displace them. About the only screens whose power consumption does not depend on scene brightness is old fixed-backlight LCDs, which are mostly displaced these days by "dynamic contrast" backlighting.

    • by sFurbo (1361249)
      The backlight is often modulated by the scene brightness to save power. However, this is a much slower effect then on CRT, so the amount of information is going to be orders of magnitude lower. I don't know how much of a capacitance is in a standard CRT setup, if it is low enough, you should be able to exctract the brightness of each sub-pixel, recreating the picture entirely. The backlight of an LCD TV is modulated on the order of tens of seconds, so even if the you can only read the brightness of each fra
      • by vlm (69642)

        TI don't know how much of a capacitance is in a standard CRT setup, if it is low enough, you should be able to exctract the brightness of each sub-pixel, recreating the picture entirely

        The capacitance is pretty high... high enough to give a decent shock, but low enough that the voltage would vary with "overall scene brightness" I guess I'm saying the time constant, as a rough guess, is/was about a tenth of a second.

        CRTs are/were always cathode modulated not anode modulated. That said, and /. culture being what it is, someone will find an obscure 1955 soviet military radar that anode modulated, in fact I'm kinda looking forward to it.

  • Have two TVs on at the same time viewing different programs.
    • by vlm (69642)

      Have two TVs on at the same time viewing different programs.

      The crypto equivalent of xoring the same passphrase on two known plaintexts. Not gonna work.

      Its like saying a fourier transform can detect two individual sine waves, but not a combination of sine waves. not how it works. In fact it's great at that.

      • Sure but sine waves are easy, they are regular. If you combine two random wave forms together they aren't so easy to separate.

  • They still don't get it. TV on != watching. I know a hell of a lot of people who just have it on to have background noise but are paying exactly zero attention to the television.
    • by b4dc0d3r (1268512)

      I'll do you one better. I was seeing someone who got endlessly annoyed at radio, at TV, at anything blatantly advertising becauese she understood what they were doing, and how. And it bothered her.

      I never noticed. I knew that the new episode of House was coming soon, but I still can't tell you when. I can ask if she saw that commercial about the whatever, and she asks what's it for? I have no idea, it had the things in it. She didn't notice any of that, only that it was advertising.

      I have an ad filter

  • It is indeed possible if you have a constant or recurring draw from other sinks (like resistive lights, capacitive motors etc.) but I guess if you have even one of those malfunctioning with a random draw (such as an off-center aquarium pump or an AC unit) or you add signals (like X10 or Ethernet-over-Powerline) that this kind of 'attack' is quickly trumped unless you can get right at the circuit where the TV is on. For that matter, I think an optical attack would be much more reliable (where you measure the

  • by prefec2 (875483) on Tuesday September 20, 2011 @05:17PM (#37460598)

    See when you open your refrigerator, when your heating kicks in even if it is gas driven due to the start pulse. Every electricity consumption can be monitored and it can be interpreted allowing to see when you get up, what your behavior is (at home). That's why we need data security. No company should be allowed to use these data other than to control electricity production.

  • by queazocotal (915608) on Tuesday September 20, 2011 @05:19PM (#37460618)

    This is not as simple as some people think to block. A simple random load added to the mains signal will not do it.
    In order to find out if you're watching a given TV program - first you take the TV program, and measure every 5 second periods average brightness..
    This gives you 720 samples for an hour.
    Now, you load up 720 5 second samples from the targets electricity meter.

    You subtract the average value from each of these, so they're symmetrical about 0.

    Now, you go through the list, multiplying the first brightness by the first measured energy use, and add this to a total. Repeat this 720 times.

    Now, you have the correlation of the power with the TV program.
    This is _MUCH_LARGER_ than the correlation of any single time period, and any noise or random non-correlated signal such as fridges or freezers drops out to a large degree.

    Random signals have to be of the order of sqrt(720) - 36 times larger than the signal to mask it.

    (It's not quite this bad, as there will be some false correlation, epecially given there will be millions of candidate programs, and 5s offsets that can occur)
    And yes, LCDs, especially LCDs with newer variable power 'energy saving' backlights that dim or brighten along with the program content to optimise contrast and power use will work for this just fine.

    • by Wovel (964431)

      If we did not have DVRs and 500 channels, this would be a lot easier :)

    • This is not as simple as some people think to block. A simple random load added to the mains signal will not do it.

      True, but a second TV on the same meter will.

      • A second TV is merely noise, from the perspective of the program you're checking.
        You simply get two results out, not one.

  • FTFA: "Light and dark passages in these films, large volumes of data, and a minimum of interference from other devices are the key to performing this analysis."

    My smartmeter reports hourly total usage, not "large volumes of data"...

  • Finally! (Score:2, Funny)

    by srussia (884021)
    I can camouflage my grow op simply by modulating the lights using a photocell aimed at a TV tuned 24/7 to Fox News!
  • There is no way they can tell what someone is watching on their TV by looking at electric consumption. There are too way many variables involved to make this even plausible.

    I'd like to see some proof, in English.

  • by sxltrex (198448) on Tuesday September 20, 2011 @06:35PM (#37461608)

    I work for a large utility that is currently implementing an AMI system. I can tell you from first hand knowledge that no utility gets (or wants) usage data from its customers every 2 seconds. At my utility we collect usage in 1 hour bins for residential customers and 15 minute bins for commercial and industrial customers. The amount of database storage we would need to collect 2 second interval data from all of our customers would be staggering. As it is we've had to invest in a large server farm to handle the data we are getting.

    If I had to guess I'd say that the 2 second intervals are for in-home monitoring using a ZigBee HAN, or something similar (the EasyMeter website is in German and does not appear to have much technical info).

    • What about contacting some advertising company interested in consumers' TV habits. I suppose they would easily pay you enough to upgrade your farm and score some return...
  • Why do power supplies need 14 lines to my motherboard?

    Only 6 for the various voltages.

    As far as other posters. mentioning plugging in other devices... they'd have to have random current incoming. The only thing that would work is a UPS which only charges on intervals. Which is basically a laptop power supply...
  • From TFA:

    Light and dark passages in these films,

    An LCD set with fluorescent lamp backlights doesn't use more or less power for light or dark scenes. The lamps run at a constant intensity and the LCD shutters (requiring a minute amount of power compared to the backlight) regulates the light passing through.

    Its possible that a plasma or old CRT TV set power consumption might vary with picture output. But I'd expect the sound to be as much a factor as the picture.

  • They've had cases in the UK where everyone was glued to their TV sets until the adverts came on, then rushed to the toilet. Water consumption soared for a minute or three, then back to normal again when the TV show (Eric and Ernie's Christmas special?) was back on.

    Analyzing the advertising times against the water consumption - and we've got it.

    Of course we're assuming

    a) everyone flushes

    b) everyone uses the toilet for their "private time", rather than the nearest bush or garden ornament

  • I've been waiting for myself to get enough free time to show *exactly this*. The vast majority of TVs - basically everything except LCDs without any kind of "dynamic contrast" feature - have current consumption that is dependent on screen brightness. A Google or similar statistical hivemind could potentially tease out the shows being displayed on a screen in a 'normal' house (not only contrived lab setup) because most household power consumption either switches on much larger timescales than scene-brightnes

  • Unless each channel uses a different amount of energy, there is no way in hell they can determine who's watching what show from the power meter.

    OK, I'll admit I didn't RTFA, but give me a fucking break. With 500+ channels, there is no way in hell they can figure out who's watching what especially during prime time. It's called prime time because it's the time of day 99.9% of the TV watching public is watching TV. Also, who's to say that power drain isn't a computer, fan, or even a few incandescent lights

IF I HAD A MINE SHAFT, I don't think I would just abandon it. There's got to be a better way. -- Jack Handley, The New Mexican, 1988.

Working...