Shodan's been used to find webcams with security so low that you only needed to type an IP address into your browser to peer into people's homes, security offices, hospital operating rooms, child care centers and drug dealer operations. "It's scary that there are power plants connected to the Internet." "I don't consider my search engine scary," says Matherly. An industry report from Swedish tech company Ericsson estimates that 50 billion devices will be networked by 2020 into an "Internet of Things." Matherly's the only one putting the results of the surveying into a public search engine. Instead, it's become a crucial tool for security researchers, academics, law enforcement and hackers looking for devices that shouldn't be on the Internet or devices that are vulnerable to being hacked. Matherly originally thought Shodan would be used by network behemoths like Cisco, Juniper or Microsoft to canvas the world for their competitors' products. "It's a reference other hackers and nerds will understand." He named it after the villainous sentient computer in the videogame System Shock. I crawl for devices," says John Matherly, the tall, goateed 29-year-old who released Shodan in 2009. A search for the type of baby monitor used by the Gilberts reveals that more than 40,000 other people are using the IP cam-and may be sitting ducks for creepy hackers. It has found cars, fetal heart monitors, office building heating-control systems, water treatment facilities, power plant controls, traffic lights and glucose meters. Shodan crawls the Internet looking for devices, many of which are programmed to answer. It's likely the tool the pervy hacker used to find him. He could find other plaintiffs using a search engine called Shodan. Gilbert is now considering a class action against Foscam. When Gilbert checked his Foscam account, he discovered that the hacker had added his own user name-"Root"-so he could sign in whenever he wanted. Months earlier security researchers had discovered software flaws in the product that allowed attackers to take control of the monitor remotely or to sign into its stream if they used the user name "admin." Foscam had quietly come up with a fix the month before but had not pushed it out to its users. The monitor, made by Foscam of Shenzhen, China, lets users monitor audio and video over the Internet from anywhere in the world.
0 kommentar(er)
