here for the sunshine shenanigans

Category: news

  • Beware the “rogue communication devices”

    Beware the “rogue communication devices”

    Reuters published a story yesterday that seems alarming on its face — Chinese manufacturers may be putting secret communication devices in our solar inverters. 😱

    Quoting the piece by Sarah Mcfarlane, about the potential of secret communication equipment inside solar inverters:

    U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said.

    Then, later in the piece, alleging similar things about some batteries:

    Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said.

    And what’s our source for this? Well, two people familiar with the matter. Unnamed folks who have some amount of communication with US energy officials. Officials who clearly have our best interest in mind, considering that the current US Secretary of Energy is Chris Wright, who served as CEO of various fracking companies over the last 30 years, and is on the record as being an enemy of the clean energy movement.

    This does not eliminate the possibility of the technical details being correct, to be clear. I’ll get into that in a moment. But we must be skeptical of the source of this information, given that the US government is not terribly interested in being truthful with its populous right now.

    Also, keep in mind that no brands or models of equipment have been named. Makes it hard to follow up on this claim, which may be intentional.

    On the technical side, this reminds me of a very famous story in 2018 from Bloomberg called “The Big Hack”, which was widely seen as debunked, despite Bloomberg doubling down on the story in 2021. The premise was that China was using Super Micro to compromise the data centers of US tech companies with secret hardware that nobody knew about, a claim that remains unsubstantiated.

    Now look, “unexplained communication equipment” sounds scary. But there’s something extremely important to know about unexplained communication equipment. That stuff must actually connect.

    Let’s take the cellular radios, for example. Cellular radios must have an actual connection to the local cellular network — you need to have a deal with a company that has access to those actual cellular radios, make sure those SIM cards or eSIM registrations are in each inverter, and have them active from the very beginning of installation. Hypothetically, you could set each inverter to turn on the cell signal two months after first powering on, but this would all still be very easy to confirm. Spectrum analyzers are like $200 on Amazon.

    Same with satellite connections. Theoretically, there could be Chinese satellites over the US that would eliminate the need to make deals with US cell companies or towers, but you’d still need a persistent connection in order to get anything done, something that should be extremely easy to substantiate.

    Anything else would be laughably complicated and stupid, barring some new technology that only China knows about.

    As an aside, hardware CAN sometimes have things in it that simply aren’t used and will never be used by the software. When I hear someone talk about something unexpected in a chipset, I always think back to the iPod Touch 2nd Gen, which had FM radios built-in, despite never enabling the functionality. Sometimes it’s easier/cheaper to buy a hardware package with more connectivity than you need, and only support part of it.

    The biggest threat to solar inverter security is the software that uses the advertised communication hardware. As demonstrated by Deye when I wrote about them in November, any company that has its product monitored by its own systems usually has the ability to shut it down. This is a well-known concern about internet-of-things devices, and while Reuters’ piece names only utility companies as being at risk for this, utility companies are usually the only ones well-equipped to battle something like this.

    Hardware is a silly attack vector for communication, and only sounds scary. If there is an actual danger, we need substantiation, and this kind of supply-chain hardware sabotage has simply not been proven by anyone to be real.

  • Sick-Ass Panel Recycling Machine Video

    Terry Ko from PV Circonomy posted a video of the full process from beginning to end of their panel recycling machine. They say they can recycle 99% of the components of the panel. I’m a sucker for this kind of video, go watch it.

  • TikTok’s Ban Won’t Be Delayed

    Looks like TikTok is going to be given zero opportunity to avoid a ban. I’m gaining some traction on YouTube and elsewhere, so losing those followers will ultimately have a small effect, but I’m deeply sad about losing this weird little app.

    I wasn’t expecting to be this sad.

  • Deye Addresses Bricked Inverter Controversy

    Deye Addresses Bricked Inverter Controversy

    On Friday, Nov 15th, we started getting reports of bricked Deye inverters in the US, Canada, and elsewhere. I asked Deye for comment before I published my original article, and only now, two weeks after the incident, did Deye get back to me with a comment.

    It’s a fairly long statement, so I’m going to interject along the way to add context and harrumphs.

    Recently, some users have reported instances of pop-up alerts on their devices.
    To avoid any misunderstanding, Deye hereby issues the following statement:

    1.Region Where Pop-Up Alerts Occurred

    Based on the current investigation results, very few inverters have displayed pop-up notifications, all of which are located in the United States. Devices in other regions are not affected by this pop-up.

    According to reports, this doesn’t seem to be true. While it’s true that most reports I’ve seen are from Puerto Rico (I assume the gray market is strong there for these inverters), there have also been reports from Canada, and one I’ve seen from Panama. Perhaps there were casualties along the way, but it doesn’t seem like it was isolated to the United States.

    2.Reason for the Pop-Up Alerts

    Deye has not remotely controlled or interfered with your devices in any form. Currently, there is no evidence to suggest that these inverters have been maliciously remotely controlled via Deye’s cloud services.

    Harrumph.

    The contracts we sign with all dealers clearly stipulate that products that are not UL certified and listed by local power grid companies may not be sold or used in the United States, because the products do not meet US UL standards. If used in violation of this policy, the devices may pose significant-safety risks. To address this, Deye has built a verification mechanism into the devices. The pop-up alert is automatically triggered by the device’s authorization verification mechanism, rather than by any human intervention.

    The inverters produced by Deye routinely perform automatic checks of their authorization status.. If the device fails the authorization verification, a pop-up alert will notify the user. The purpose of this is to ensure the device is used in compliance with regulations.

    Now, this could be true, but I have a hard time with the idea that Deye inverters have performed this automatic check for longer than, say, two weeks. While Deye may not have maliciously (a word I haven’t used, nor do I think is accurate) remotely controlled the inverters, that doesn’t really eliminate the possibility of them remotely updating firmware to a version that starts performing these automatic checks.

    If they were able to provide a timeline of when this firmware began making these checks and how long that firmware has been available for the inverters, I’d be more willing to believe the statement as given. However, the fact that there is no timeline given at all is, as the most professional journalists say, sus.

    3.Statement on Sales and Technical Support in the U.S.

    According to Deye’s current business policy, Deye does not directly export or sell Deye brand inverters to the United States, and it requires distributors not to resell Deye brand inverters to the U.S. Therefore, Deye is currently unable to provide technical support for inverters in the U.S. market.

    4.Recommendations and Support

    To ensure the normal use and service experience of the device, Deye recommends that users who see pop-up prompts contact your seller or contact Deye directly as soon as possible to obtain legal authorization.

    The circulation of unauthorized devices disrupts the normal market order, potentially causing losses and risks for users who purchase unauthorized equipment, while also damaging Deye’s legitimate rights and interests.

    Deye urges users to purchase legitimate devices through authorized channels to protect their legal rights.

    While it’s still terrible that all of this happened in this way and that it wasn’t happening immediately upon installation of these inverters, this is probably the best response I could expect. It is objectively good to hold up their end of the exclusivity agreement they’ve signed with Sol-Ark and other brands. The sting of this statement is that the folks experiencing the pain of this alert probably bought the inverter from a dealer or installer who won’t answer their phone calls. Hopefully, there’s a resolution to be had for those people, who are caught in the gray-market crossfire.

    5.Deye’s Commitment

    Deye remains committed to maintaining market order and protecting the user experience and rights of all legitimate customers.

    Deye places great importance on cybersecurity and privacy protection, having established a multi-layered, comprehensive information security defense system.
    As always, Deye will continue to prioritize users and provide safe, reliable, and stable services and support.

    I mean yeah, this is what a company SHOULD say, and all of them do. The fact remains, most internet-connected inverters can theoretically be subjected to something like this, and there’s shockingly little work being done in the field to create options where the owner of the inverter is the ultimate holder of the keys.

    If you’re dealing with this issue in the United States or Puerto Rico, your best option is probably to take advantage of the discount Sol-Ark offers, which is active through the end of 2024. You can find those details in my previous article.

    If you’re dealing with this issue outside of the United States, it looks like your best plan is to contact Deye directly to get the inverter activated again.

  • SolarEdge officially launches new mobile app for installers

    I know I talk a lot of shit on SolarEdge, but the Go app is genuinely great, and one of the best things they’ve done for installers in a while.

  • Enphase releases portable off-grid battery

    Tell me NEM 3.0 is really hitting your bottom line without telling me NEM 3.0 is really hitting your bottom line 😅

  • Sol-Ark manufacturer reportedly disables all Deye inverters in the US

    Sol-Ark manufacturer reportedly disables all Deye inverters in the US

    Updated on Mon, Nov 18th, 6AM to add corroboration and Sol-Ark’s response, and 4PM to add an additional response from Sol-Ark, including changes in wording from “OEM” to “contract manufacturer”, a distinction highlighted by Sol-Ark. This story is still developing and may be subject to change.

    Update Nov 30: Deye has issued solarboi.com a statement regarding this issue, click here for that story.

    James Showalter, Founder/Owner of EG4 Electronics and Signature Solar, via DIY Solar Power Forum:

    Ethics-wise you are literally shutting down equipment homeowners paid for and depend on to fit some twisted business strategy.
    literally seeing dozens of people call me all morning, and I never even sold Deye

    Seemingly at the drop of a hat the morning of Friday, Nov 15th, Deye-branded inverters across the US were reportedly intentionally bricked with the message:

    This inverter is not allowed use at Pakistan/USA/UK

    Pakistan contact inverex
    USA contact Sol-Ark
    UK contact Sunsynk
    Pls return to your supplier. The following page requires a 5-digit pass code to start
    This pass code is automatically generated overseas

    Several others in the thread have corroborated this:

    Deye is the contract manufacturer of the Sol-Ark hybrid inverters, and Sol-Ark have the exclusive right to sell the inverters in the US since 2018, as shown in several lawsuits over the years. Deye-branded inverters have been sold for installation by several companies (seemingly in breach of Sol-Ark’s exclusivity agreement with Deye), and Sol-Ark has exercised its right to exclusivity through the court system.

    It’s unclear what the impetus is for this reported shutdown, why it’s happening now, and why it didn’t happen sooner. As many people in the DIY Solar Power Forum have noted, it seems unfair to bring innocent consumers into the fight, who probably have no idea what their inverter brand even is.

    One forum user called Sol-Ark on Saturday. The tech who answered the phone seemed to have no idea what the issue was but did say he got some calls from Canada about the same issue. This is backed up by newageddrywall’s post in the forum, as well. Between this and the report from Panama, it seems this may not be limited to inverters in US territories.

    Deye has not given a public statement on this issue yet, but Sol-Ark gave me this statement:

    Sol-Ark has learned of the situation caused by the unauthorized sales of Deye-branded inverters within Puerto Rico and the USA. Though Sol-Ark has no control over Deye’s actions, we recognize that the messaging conveyed through the Deye-branded inverter’s screen suggests Sol-Ark can provide warranty or service for these cases, which we cannot. Though we are not responsible for Deye-branded inverters or any inverters that are not branded and sold by Sol-Ark or through an authorized Sol-Ark distributor or reseller, Sol-Ark has determined to offer a possible solution to those consumer households that have purchased Deye-branded inverters.

    Sol-Ark’s mission, as a veteran-owned company created 12 years ago, is to enable the most reliable, innovative, and affordable energy storage solutions to power families and businesses. Because of this mission and the direct effect that Deye’s actions may have on individual families, for the period from November 15, 2024 through December 31, 2024, Sol-Ark will permit each consumer household that has installed a Deye-branded inverter and has had that inverter’s functions disabled by Deye, to purchase a new Sol-Ark inverter of equivalent performance at a substantially discounted price. If you purchase a Sol-Ark inverter under this limited program, Sol-Ark will pay to have the Sol-Ark unit shipped to your address in Puerto Rico. Sol-Ark will not make this offer available to any person after December 31, 2024. The offer is limited to consumer households and is not being made available to commercial entities or for installation at commercial facilities (only residential locations). Sol-Ark will not be responsible, and will not pay, for any costs related to installation of the Sol-Ark inverter, removal of any Deye inverter or for any damage that may have been caused by the Deye inverter or Deye’s actions.

    To take advantage of this offer, the homeowner should take a photo of the serial number and model number of their Deye inverter and then contact Adriana Navarro of Sol-Ark at +1 (214) 919-1632 to initiate the process during normal business hours between 8 AM and 5 PM Eastern Standard Time, Monday through Friday. Sol-Ark will retain the full right and discretion to make final determinations regarding the availability of this program and the terms under which it operates.

    This response would suggest that higher-ups at Sol-Ark are not party to the reason for the shutdown, and that the shutdown was done solely at Deye’s discretion.

    To address potential concerns about internet-connected Sol-Ark inverters, Simon McLean, Vice President of Marketing for Sol-Ark, commented this:

    Sol-Ark inverters are managed, updated and serviced through Sol-Ark’s proprietary “MySolArk” platform, which has been designed and implemented to ensure the security and privacy of Sol-Ark customers. Data obtained through the platform is processed and maintained by Sol-Ark in the U.S. and used solely in accordance with Sol-Ark privacy policies. For further information on Sol-Ark’s privacy policies, see www.sol-ark.com/privacy-policy/.  Energy security, resiliency and customer privacy are fundamental Sol-Ark tenets, and we will continue to develop and deploy the MySolArk platform with data and energy security at the forefront.

    This situation is not only concerning because people may be without their solar production and backup power right now, but also because it seemed incredibly easy for a company in China to flip this switch on their inverters that brought power production to a halt. It brings to mind the mind-boggling amount of solar installed in the US that’s producing power using Chinese-manufactured inverters. As tensions and trade wars escalate with China, it’s an uncomfortable level of leverage that China may hold over our country.

    Plus, country-level politics aside, the internet-connectedness of all solar installed over the last 5-10 years is a huge potential problem, illustrated by this exact situation. By default, most inverter manufacturers have ways to remotely configure inverters, and those internal systems pose large targets for cyber attackers. If any of the big manufacturer’s systems are breached, that’s gonna be a real bad time.

    It’s easy to start running down the cliff of assumptions, but our takeaway here as installers is to be very careful what inverters we install (making sure there is official and direct support in the US), and even start thinking about more secure networking structures for the systems we install, especially if they’re used for backup power in the case of an outage, or used as off-grid inverters entirely.

    It’s unknown what the resolution for this will be for the affected customers. It truly is shitty that Deye didn’t run this geographical check at the initial installation of these inverters. This will likely penalize the wrong people as a result.

  • A Bonkers Summer for Solar

    A Bonkers Summer for Solar

    Let’s talk about what all has developed in UL 3741 news this summer! It was a lil bit crazy and a lot of fun.

    A ton of news around a bunch of companies, including Tesla, Unirac, Solis, Ironridge, MidNite Solar, Pegasus, TerraGen, EZ Solar, and more!

    Make sure to check out https://ul3741.com to stay updated on UL 3741 news and product compatibility.

  • Smarter Shutdown from SMA (RE+ 2024)

    Smarter Shutdown from SMA (RE+ 2024)

    Talked with TJ from SMA America about their upcoming 3-in-1 rapid shutdown device at RE+ this year!

    The SMA Smart Shutdown is a 3-in-1 device (1 SSS can shut down 3 panels), and is RAIL-mounted, not panel mounted. Could be a pretty great option. It’s not string shutdown yet, but design-wise, the install process looks to be better than any other rapid shutdown device I’ve seen out there so far.

    SMA says the SMA Smart Shutdown is coming in Q2 of 2025, along with their larger Sunny Boy Smart Energy and Home Storage products.

  • Straight to Jail – RE+ 2024 Hall of Shame

    I get press missives now, and I guess Mercom Capital sends the press a “top 10 startups” list after RE+ every year. I had fun looking through it – there are some eye-rolls, as there always are when big-money folk try to assess what technology has a meaningful chance to make it big, but one, in particular, stood out to me.

    Ladies and gentlefolk, may I present Sundial, a supposed universal tracker.

    Sundial is billed as three things:

    1. A luxury upsell, to increase the installer’s revenue per project
    2. Allow for selling smaller systems, reducing cost to get more customers through the door
    3. Offer retrofits for customers who are unhappy with the performance of a system they were sold

    On the plus side, I’m sure getting parts for this thing if/when the moving parts fail would not be difficult, because it looks like something built in someone’s garage. All the promo videos appear to be sped up, and the motor is extremely loud.

    Considering this would be ADDED to a “normal” installation (fastened to whatever racking system you have, with the module attached to the Sundial), you need one for every single panel in an installation. Imagine 20 of those motors on your roof, whining throughout the day.

    It also looks extremely inflexible. It says it can be for seasonal tracking or daily tracking, depending on orientation, which is laughable to me. For instance, on a residential system with a few rows of modules in an array, just about any individual panel tilt is going to end up shading another module unless you design the system with farther spacing. The tile angle only goes in one direction, starting with the face of the roof. There are very few situations where this might have a meaningful impact on production, which all but eliminates selling point number 3.

    That’s not even the worst part about trying to sell this to dissatisfied solar customers. To install this, you’re adding extra weight, and you’d need to redo engineering/permits. You’re adding greater system complexity with motors. If God forbid, one of the 10-20 motors you installed on someone’s roof fails, and they’re ALREADY unhappy? That’s a nightmare for customer experience.

    As for selling points 1 and 2, number 1 is a despicable reason to pick up a product by itself. Luxury upsells are fine, but you need to be talking about how they bring the customer value. For number 2, I cannot see a way that this will result in less cost overall for customers unless they have an incredibly good price point and an amazing ease-of-installation story.

    To be frank, I do think it’s a fun idea. But maybe just for hobbyists. It’s not a product that has real potential in the larger market. Its failure will be from trying to accommodate far too many situations without an extremely good reason to exist.

    Rocking Solar, another company featured in Mercom’s startup list, is an interesting contrast here. Their scope is extremely narrow, and they do a lot of work to emphasize the reliability of the parts they’re using. They aren’t for retrofit. They’ve narrowed the motor/panel ratio to potentially 1:100. It’s still added complexity and a bunch of moving parts (which by default makes me grumpy), but they have numbers to support the product and specific, sensible reasons why you might use it.

    Ultimately, I’m ranting because the big-money people often don’t understand the products they give attention to. I feel like Sundial either had excellent connections to get this sort of attention, or someone at Mercon said, “oh cool, a residential tracker, I haven’t seen that before, so it’s gotta go on our list.”

    It’s a fun demo but a stupid product, as it stands right now.

0
    0
    Your Cart
    Your cart is emptyReturn to Shop
    Continue Shopping