Wow, props to Castellucci for being a stand up person and not using their discovery to control or mess with tens of thousands of people’s power supply. And props to GivEnergy for not turning around and suing them after they reported finding the issue.
This could have gone badly in either direction, but we lucked out that this Castellucci seems to be an excellent and conscientious citizen.
catloaf@lemm.ee 3 months ago
tl;dr: hacker (the good kind) exploits weak encryption key to gain access to the utility’s management system. Because you too were probably wondering how key length and power generation could possibly be related.