I love the narrative of a Chinese manufacturer selling electronics to the West only to one day shut everything off for no reason at all than to fuck with people and disappear and for people to find out the supposedly registered company never existed. It's like a trashy, second-rate William Gibson knock off novel but there's something awfully amusing about it.
Frankly it doesn’t even require (special) maliciousness (per-se) - spinning up random ‘brands’ to sell to rubes on Amazon while obfuscating beneficial owners is essentially standard operating procedure.
The only surprising thing here is they took an action to brick something instead of just abandoning it.
>The only surprising thing here is they took an action to brick something instead of just abandoning it.
You're right, but I wouldn't say surprising. I do wonder what would happen if the units just stopped working outright one day and they're all intended to be gridded and nothing works properly anymore and the distributors are stumped and can't get ahold of anyone.
Fair point - it would be trivial frankly to embed a ‘bug’ which causes them to all brick at some arbitrary point in the future too. Considering the level the firmware works at, probably even catch on fire.
Probably wrong to classify the manufacturer as malicious rather than the importer. Sounds like these units were brought to the US in violation of contractual agreements and thus were disabled when the manufacturer decided to enforce it.
It's likely they had no contractual agreement with the current owners of the inverters, and yet they have elected to wilfully damage the property of the current owners because they can.
Wilfully damaging someone else's property without permission of the current owner seems pretty malicious, regardless of whether the importers (or maybe someone who supplied to the importer) were in breach of a contract.
But regardless, they're clearly not owned by Deye any longer. Causing damage to an unrelated party in retaliation for a contract dispute between two manufacturers is not OK.
Wait, what? So defending your rights under an exclusivity agreement through the courts is somehow now "forcing" their hand? The evil Sol-Ark by suing for compliance to their contract pushed the hapless Deye into bricking consumers hardware?
I’m curious about the lawsuit and the proposed remedy sought by Sol-Ark. If the remedy was to stop selling them in the US then the fault is Deye’s. However, if they sought to have all non-SolArk branded inverters stop working in the US then yes they did force Deye’s hands. The fact that Deye’s message was to tell owners of the bricked devices to contact SolArk is interesting because that would direct opportunities to them.
So far we’ve only been able to hear the story from one of the two parties. The truth may even be a misunderstanding in between with no malicious intent on either party. Maybe SolArk wanted Deye to adhere to their agreement but Deye inverters might be getting to the US via third parties. So Deye thought the only way to enforce it is to detect if the device is in the US and brick them. It’s hard to know the backstory here without hearing Deye’s side but it doesn’t seems like Deye wants to talk.
It’s a bit early to assign blame to either party I think.
Usually you want some way of monitoring how much energy your panels are producing. This helps to realise you need to clean the panels or do some maintenance if panels start failing. Or it may be useful for scheduling home appliance usage.
But in practice this almost always means connecting to the internet, because the simplest interface is wifi and data collection/display at the producer's servers. So any extra features == internet connection.
Don't plug it in unless you have the expertise to already know the answer to that question. That should also be your advice to any friends/family. Plugging something like this into a network is a horrifically bad idea.
This is like asking people on the Internet how to safely mix random household cleaning chemicals. If you don't have the background to answer that yourself, you should not be doing household chemistry.
I stuck IOT stuff on a cheap linksys WRT router with ExpressVPN firmware. It forces all clients out over that so Nest, Amazon et al can’t snitch or sell my demographics or billing address to people. Not tying it to my home IP anyway.
but this require a DMZ or a second external IP address (I have both with centurylink) because if it’s double nat on your home network. Thee devices can access your home network.
I have a sunsynk inverter which is the same hardware as deye but apparently different software. I have it hooked up to a Pi4b running home assistant using this https://github.com/kellerza/sunsynk and it has no direct internet access. I can connect to my home network using tailscale to monitor power usage and generation through the HA app if I'm not at home
Often the equipment won’t actually work either if you try to filter it meaningfully. I’ve had IoT cameras (in particular) that would brick themselves if you didn’t allow 443 to all Amazon IP blocks. :s
Mainly data collection (previous lead dev at solar forecasting startup). All the web UIs to view usage are also collecting useful information that can be used in forecasting models. One of the researches I worked with wrote some papers on using distributed home solar output measurements to assist with generating higher resolution irradiance forecasts and estimated actuals/observations. You have to do a lot of data cleaning to get this reliable though. Anyway, this data from memory was bought/sold for various research/commercial weather modeling.
That part is independent of internet connection. Especially since you can't rely on the internet connection in case of power delivery issues. It's a completely different network.
The trouble is that there needs to be some way for the grid operator to take x % of generating capability off-line or bring y % more on-line, and the panels themselves can't decide autonomously, so there must be an external data connection. Maybe not through internet but cellphone data connection, but the grid operator has to have control about how much power goes into the grid.
Any idea what the impact is for the state grids? I wonder if they got a sudden drop in feed-ins and whether it affects pricing.
Any idea how common this manufacturer is across the place?
I'm not from the states, but I do know that if my solar would be bricked, it would take me weeks to find out. I don't exactly check up on it and it's out of sight.
Most of the users of these products were off grid.
A number of the products used in off grid installs have invasive IOT remote access/administration.
It's only a matter of time until it leads to loss of life-- e.g. from people who freeze to death because they can't reconfigure or turn up a system without internet access which is out or doesn't work without power--, if it hasn't already.
Can the firmware still be flashed? I found cloud-free custom firmware exists for these inverters with a quick search, so if the units can still be flashed many units may be salvageable.
I have never had my utility power cut for any cause other than storm/ice damage. And it's generally back on within a day, without any involvement on my part. If a hailstorm destroys my rooftop panels or a misbehaving vendor remotely shuts off my inverter, these are problems I now have to solve for myself. No thanks.
Your panels are covered by your home insurance, just like your roof. So you'd already be talking to your insurance agent if you had any hailstorm damage your home. I'm really sure I see the point.
reply