this post was submitted on 08 Jul 2026
100 points (99.0% liked)

Europe

11532 readers
1456 users here now

News and information from Europe ๐Ÿ‡ช๐Ÿ‡บ

(Current banner: La Mancha, Spain. Feel free to post submissions for banner images.)

Rules (2024-08-30)

  1. This is an English-language community. Comments should be in English. Posts can link to non-English news sources when providing a full-text translation in the post description. Automated translations are fine, as long as they don't overly distort the content.
  2. No links to misinformation or commercial advertising. When you post outdated/historic articles, add the year of publication to the post title. Infographics must include a source and a year of creation; if possible, also provide a link to the source.
  3. Be kind to each other, and argue in good faith. Don't post direct insults nor disrespectful and condescending comments. Don't troll nor incite hatred. Don't look for novel argumentation strategies at Wikipedia's List of fallacies.
  4. No bigotry, sexism, racism, antisemitism, islamophobia, dehumanization of minorities, or glorification of National Socialism. We follow German law; don't question the statehood of Israel.
  5. Be the signal, not the noise: Strive to post insightful comments. Add "/s" when you're being sarcastic (and don't use it to break rule no. 3).
  6. If you link to paywalled information, please provide also a link to a freely available archived version. Alternatively, try to find a different source.
  7. Light-hearted content, memes, and posts about your European everyday belong in other communities.
  8. Don't evade bans. If we notice ban evasion, that will result in a permanent ban for all the accounts we can associate with you.
  9. No posts linking to speculative reporting about ongoing events with unclear backgrounds. Please wait at least 12 hours. (E.g., do not post breathless reporting on an ongoing terror attack.)
  10. Always provide context with posts: Don't post uncontextualized images or videos, and don't start discussions without giving some context first.

(This list may get expanded as necessary.)

Posts that link to the following sources will be removed

Unless they're the only sources, please also avoid The Sun, Daily Mail, any "thinktank" type organization, and non-Lemmy social media (incl. Substack). Don't link to Twitter directly, instead use xcancel.com. For Reddit, use old:reddit:com

(Lists may get expanded as necessary.)

Ban lengths, etc.

We will use some leeway to decide whether to remove a comment.

If need be, there are also bans: 3 days for lighter offenses, 7 or 14 days for bigger offenses, and permanent bans for people who don't show any willingness to participate productively. If we think the ban reason is obvious, we may not specifically write to you.

If you want to protest a removal or ban, feel free to write privately to the admin that applied the rule (check modlog first to find who was it.)

founded 2 years ago
MODERATORS
 

The expansion of decentralized energy generation repeatedly reveals deficiencies in the IT security of market-leading hardware. The focus is again on the Chinese company Hoymiles, which, according to its own statements, serves around 20 percent of the European market for microinverters. These are installed in balcony power plants and smaller roof solar systems. Security researcher Benedikt Heinz, also known as Hunz, together with the Chaos Computer Club (CCC), has uncovered far-reaching security vulnerabilities: With simple means from the electronic junk box and little know-how, it is reportedly possible to manipulate, switch off, or permanently disable solar systems in the neighborhood while driving by.

top 10 comments
sorted by: hot top controversial new old
[โ€“] jafffacakelemmy@mander.xyz 11 points 13 hours ago

My installers connected the solar inverter to the home WiFi. I soon fixed that by changing the WiFi password, but I also discovered that inside the inverter is a stange-looking metal sim card, very small, but thankfully removable. I removed it. No-one is mucking about with my setup! (Except me ๐Ÿ˜€)

[โ€“] grue@lemmy.world 15 points 15 hours ago* (last edited 15 hours ago) (2 children)

Why the Hell does a solar inverter have a wireless data connection at all to begin with? Insanity.

If you're installing solar anyway, you're definitely running wires. So if equipment is "smart," at least fucking hardwire the networking, damn it!


Also what the fuck was that spammy website? It wanted to run shit on my computer to let me read the article. I thought Europe was supposed to prohibit that abuse!

[โ€“] Ghoelian@piefed.social 2 points 7 hours ago

One use-case is people with dynamic energy contracts. You don't want your solar panels to return power to the grid if the energy price is negative, because you'd pay for every watt returned. This way the energy provider can remotely stop the inverters if prices are negative.

Though afaik the on-board connectivity is usually exclusively for the API the manufacturer's app uses. There's some energy providers in the Netherlands that use this API as well, but this is slow and sometimes unreliable. My employer also installs these panels+inverters, but we control them using modbus via a device we manufacture that you plug in to the modbus/control port. It connects to us via mobile 4g, because we don't want to rely on the customer's network (even when wired).

[โ€“] MaggiWuerze@feddit.org 3 points 14 hours ago* (last edited 14 hours ago) (1 children)

Heise is we'll known for their shitty consent or pay barrier, but they don't want to "run shit on your computer", they just want to track you and sell you to the highest bidder, or just anyone who throws a couple euros in their direction

[โ€“] grue@lemmy.world 1 points 3 hours ago

Ah, I only skimmed their bullshit popup warning, saw a bunch of mentions of "processing," and assumed they wanted to mine crypto or something.

[โ€“] HaraldvonBlauzahn@feddit.org 31 points 17 hours ago (1 children)

This isn't an argument against solar technology - just an unacceptable level of IT security in safety-relevant technology and critical energy infrastructure.

It's already wrong that much of this stuff does not operate without cloud.

[โ€“] trampel@feddit.org 3 points 17 hours ago* (last edited 17 hours ago) (2 children)

Well you kind of need the cloud in energy production tech if you want to keep the energy network stable. Otherwise the network operators can't regulate the energy production during peak hours.

But it's crazy to me that stuff like inverters does not get penetration tested before being sold on the European market...

[โ€“] HaraldvonBlauzahn@feddit.org 20 points 17 hours ago

Well you kind of need the cloud in energy production tech if you want to keep the energy network stable.

Wrong for distributed local smaller generators. You can regulate them via AC frequency.

It is also a bad idea because of a circular dependency: The Internet depends on a working electricity grid. The cloud needs the Internet to work. It is insane to make the electrical grid dependent from the cloud.

[โ€“] Waterpumpee@lemmus.org 4 points 16 hours ago

I dont think much is tested at all b4 selling it in EU. Slap CE on it, has no meaning anyway. If your product causes harm, you have a small cash limited company as strawman.

[โ€“] TIEPilot@lemmy.world 2 points 17 hours ago

This is well known in the US and have been found in much larger inverters.