I’ll admit, when I saw
My mind immediately went to “I’m not a racist, but”
My thought is that an opinion without facts is a conspiracy theory. And that a strongly stated belief e.g. “Given the Chinese governments security controls over ALL chinese manufacturers” is still an opinion.
Yes it is and assumes that somehow the Chinese government/companies can install devices or code which can’t be detected by the best of the west and allow the Chinese to spy on the rest of the world. While technically possible to do this, how likely would it go undetected…not likely.
Ooh, see, a juicy conspiracy there would be if they were all Chinese 5G towers that they could somehow obfuscate the transmission 
They could run fibre to China or possible have embedded code that somehow pushes communications through to China…
Sorry I did not realise I needed to provide what most consider common knowledge.
Please read a little of this, I trust the source is acceptable.
https://www.oxfordscholarship.com/mobile/view/10.1093/oso/9780190685515.001.0001/oso-9780190685515-chapter-11
Without getting into the full capabilities of inverter remote control, not my specialty, here is a simple example from my experience, by manipulating the 10 min average voltage limit remotely the distributor, or manufacturer can cause the inverter to operate efficiently OR possibly not at all.
This setting is, I believe usually protected by a manufacturers password, I guess because it is not something they want the user playing with.
I hope that is enough for you, an inverter tech I am sure could educate us all if needed.
Hmmm I just happen to be reading “Burn In” at this time, amazing.
Will take your advice re Ghost fleet.
In answer to the crazy conspiracy comments please see my other fairly clear response elswhere in this thread.
I am not sure this is my type of place, a shame.
Sorry, but no that source is not acceptable. To quote the final paragraph:
Current China laws only claim jurisdiction on corporations with data servers established inside China. There are no laws found on governing cross-border data flow.
That is, the entire paper is about Chinese government access inside China. It does not address Chinese government access to information or technology located outside China.
Again, as I stated earlier, put your inverter behind a firewall or don’t put it online. China is just one of many risks for anything on the Internet, and the likelihood is that any inverter developer will have thought of Internet security as an afterthought if at all.
Basic problems like the recently-announced Ripple20 are likely to affect all sorts of online devices that simply don’t have sufficient thought put into their development.
No different to the US/NSA monitoring all data an communications through the US, (and potentially wider), like wise with Russians, Australia’s data sharing laws and the list goes on. One also needs to consider data/information collected by private businesses (think global giants such as Google, Apple, Facebook etc) which is widely unregulated and can easily be available to governments, especially where they are based or where data is held. They have resisted data release but to date have failed as courts have mandated its release.
Just because some countries seem ‘annoyed’ China has the potential to join the their party, there is political exasperations in the west.
If one is worried about any local or foreign agency eves dropping on their data/communications, then the only safe way to protect data/communications is not to partake in it. Thinking not involving the Chinese is safe…is as safe as trusting a thief with you credit card and pin.
That assumes that anyone is looking.
I admit that I have not really addressed this concern. Yes, TikTok is attracting attention. It was recently banned in India, for instance. Of course, India is currently in the middle of a border dispute with China, so we cannot know whether this was retaliation or a real threat.
The US has been telling us lately how terrible companies like Huawei are. Unfortunately, there is a lack of evidence to support its claims - and plenty of evidence to show that it’s more ‘do as I say, not as I do’ from the US. Other Five Eyes countries are obviously feeling a lot of pressure from the MAGA president right now, and so are following the US lead regardless of whether it is in our best economic interests.
We seem to be entering into a new Cold War, with China on the rise and the US losing its grip. Russia is of course taking advantage as best it can, while smaller countries like Iran and North Korea see certain advantages accruing to them. One can only hope that the war stays cold, and largely avoids Australia - except that we are in an obvious zone of influence. Maybe we should simply recognise that we are not a ‘great power’ and should be careful how we play at diplomacy.
As for actually looking at apps and devices to figure out what is sending data ‘home’ or might be open to ‘manipulation’ by foreign entities, that is a tough ask. If you have a look at Microsoft’s recent ‘patch Tuesday’ updates, to a stable and well-established operating system, you will see upwards of 70 patches each month! Many of these, like the example I gave in my previous post regarding Ripple20, have been around for years if not decades! It takes a lot of work to figure out what complex systems actually do, and while the US government might have the ability to do such reverse-engineering and find some of the problems, small entities like an Australian consumer rights group most definitely do not.
Can a solar PV inverter be hacked?
There are several possibilities. The following is specific to one particular supplier, but the principles and vulnerabilities may apply to others.
A specific example is provided for a vulnerability in the wifi access to the Sungrow SH5K-20 hybrid inverter. It’s not clarified/tested if other models using the same wifi device are also vulnerable.
Hopefully all Sungrow SH5K-20 owners are aware and have patched their inverters or removed the wifi dongle and data access.
Note - Remote Access:
Sungrow provides remote data logging of inverters installed in Australia if the user has established an account on the Sungrow Cloud Server and completed internet setup of the inverter. The Cloud Service is based in Hong Kong as far as I am aware. Sungrow can also provide engineering access to an inverter over this link. Authorisation is required from Sungrow for that level of access. What features engineering access provides beyond parameter setting are unspecified. Yes, from memory you can turn the inverter off using a programmed software parameter. Whether there are other undocumented features, is an open question!
Local access to setting parameters only requires access to the inverter front panel or mobile phone with wifi, an app and a simple pass code.
Sungrow’s Cloud Monitoring service also provides for third parties Eg installers to monitor PV Inverter performance. It’s not clear whether the data monitoring by an installer requires the user account holder to provide authority or if Sungrow provide super-user accounts that utilise the registered serial no’s of each inverter connected to the cloud data base. It all depends on how the cloud server accounts are configured and managed.
P.S.
I’m not picking on Sungrow. It’s simply a product I know first hand. Other Inverter suppliers who provide remote cloud based monitoring and data logging may feature similar product functionality. Risks uncertain or not known?
I beg to differ, the paragraph you refer to changes nothing.
Data is in most, if not all, cases stored in a location and/or manner that allows the manufacturer free access.
Therefor creating a security issue for an important part of our infrastructure.
Some people are using the term hacking, I am not sure this is appropriate.
Most complex systems ask the user, for safety and maintenance reasons, to authorize their access to your system or software.
Yes you could say no, or subsequently disconnect their access, your choice.
Billions of us, not all, trust google facebook etc, or just dont care.
I consider our ports, rail systems, power grid and communications systems do not come into the “don’t care” category.
Thanks for expanding the subject, i thought it was all pretty obvious, your comments help repair my error.
My request to choice was to investigate and spell it out for us in the two areas I mentioned.
Something none of us can do.
Yet there is significant foreign, and especially Chinese, ownership or supply of all of the above, endorsed by governments across the land, not counting arable land, water rights, and a number of politicians.
None of it has been secretive, and none of it seems to have impacted voters choices.
Thus while one would think they
‘we’ generally do not seem to care because Australia is run under the concept of any dollar in the right pocket is a great dollar.
Choice focuses on consumer product issues and consumer advocacy. There are other organisations better equipped for investigative work into the underpinnings of your list and more, although often under wraps (ASIO, ASD, 5-eyes friends). Even so the decisions are political, and without 100% domestic sourcing by 100% domestic companies they will continue to trust offshore interests by necessity.
As for those of us on the forum, we have varied backgrounds, contacts, and knowledge, so are happy to make our opinions known as well as tossing in some details when we can.
We have grown up in a cultural-political environment that taught us who to fear and why. Others have grown up in different cultural-political environments and have equally strong views because of it. Who should fear who is always an interesting dialogue.
As others have mentioned I don’t see where that article tells us anything about China spying on or attempting to gain control of systems outside China.
On the question of ‘common knowledge’ there are a great many ideas that are widely believed and passed around as truth in our connected society. Some of them are supported by facts and sound reasoning, some are not. Here we are trying to find out which category this one is in so assuming that as a fact from the start is not so helpful.
I’ll admit when I read that part of your initial post (about asking Choice to investigate) my first thought was - does it have the technical nous to do so?
Further to my post on TikTok Amazon had asked it’s employees to remove the app from devices that interacted with Amazon hardware systems then said it was a mistake:
https://atrl.net/forums/topic/305881-amazon-threatened-by-tik-tok-tells-employees-to-delete/
On the theory or hypothesis of China using Huawei to spy or collect data, this is what seven ‘experts’ think…
It is worth noting that there is no evidence or Huawei modifying its equipment to allow data or communications to be monitored.
Two of them are politicians, one - sorry, two lawyers (the Yale guy is a lawyer), one a marketing expert, and only two having any idea about technology. I don’t know how The Verge came up with its choice of ‘experts’ but as usual it includes a lot of people who wot not what they say.
