Shodan Safari, where hackers heckle the worst devices put on the internet

If you leave something on the internet long enough, someone will hack it.

The reality is that many device manufacturers make it far too easy by using default passwords that are widely documented, allowing anyone to log in as “admin” and snoop around. Often, there’s no password at all.

Enter “Shodan Safari,” a popular part-game, part-expression of catharsis, where hackers tweet and share their worst finds on Shodan, a search engine for exposed devices and databases popular with security researchers. Almost anything that connects to the internet gets scraped and tagged in Shodan’s vast search engine — including what the device does and internet ports are open, which helps Shodan understand what the device is. If a particular port is open, it could be a webcam. If certain header comes back, it’s backend might be viewable in the browser.

Think of Shodan Safari as internet dumpster diving.

From cameras to routers, hospital CT scanners to airport explosive detector units, you’d be amazed — and depressed — at what you can find exposed on the open internet.

Like a toilet, or prized pot plant, or — as we see below — someone’s actual goat.

The reality is that Shodan scares people — and it should. It’s a window into the world of absolute insecurity. It’s not just exposed devices but databases — storing anything from two-factor codes to your voter records, and where you’re going to the gym tonight. But devices take up the bulk of what’s out there. Exposed CCTV cameras, license plate readers, sex toys, and smart home appliances. If it’s out there and exposed, it’s probably on Shodan.

If there’s ever a lesson to device makers, not everything has to be connected to the internet.

Here’s some of the worst things we’ve found so far. (And here’s where to send your best finds.)

An office air conditioning controller. (Screenshot: Shodan)

 

A weather station monitor at an airport in Alabama. (Screenshot: Shodan)

 

A web-based financial system at a co-operative credit bank in India. (Screenshot: Shodan)

 

For some reason, a beef factory. (Screenshot: Shodan)

 

An electric music carillon near St. Louis. used for making church bell melodies. (Screenshot: Shodan)

 

A bio-gas production and refinery plant in Italy. (Screenshot: Shodan)

 

A bird. Just a bird. (Screenshot: Shodan via @Joshbal4)

 

A brewery in Los Angeles. (Screenshot: Shodan)

 

The back end of a cinema’s projector system. Many simply run Windows. (Screenshot: Shodan via @tacticalmaid)

 

The engine room of a Dutch fishing boat. (Screenshot: Shodan)

 

An explosive residue detector at Heathrow Airport’s Terminal 3. (Screenshot: TechCrunch)

 

A fish tank water control and temperature monitor. (Screenshot: Shodan)

 

A climate control system for a flower store in Colorado Springs. (Screenshot: Shodan)

 

The web interface for a Tesla PowerPack. (Screenshot: Shodan via @xd4rker)

 

An Instagram auto-follow bot.(Screenshot: Shodan)

 

A terminal used by a pharmacist. (Screenshot: Shodan)

 

A controller for video displays and speakers at a Phil’s BBQ restaurant in Texas. (Screenshot: Shodan)

 

A Kodak Lotem printing press. (Screenshot: Shodan)

 

Someone’s already hacked lawn sprinkler system. Yes, that’s Rick Astley. (Screenshot: Shodan)

 

A sulfur dioxide detector. (Screenshot: Shodan)

 

An internet-connected knee recovery machine. (Screenshot: Shodan)

 

Somehow, a really old version of Windows XP still in existence. (Screenshot: Shodan)

 

Someone’s workout machine. (Screenshot: Shodan)

Walmart taps startup Udelv to test autonomous grocery deliveries in Arizona

More autonomous vehicles are poised to descend on Arizona. This time, Walmart has signed a deal with startup Udelv to test the use of autonomous vans to deliver online grocery orders to customers.

Under the agreement, Udelv will provide its second-generation autonomous delivery van called the Newton to Walmart to deliver groceries in Surprise, Arizona. The trial is set to begin in February, Udelv announced Tuesday at CES 2019.

The Newton, which is being shown at CES, is based on Baidu’s latest Apollo 3.5 open-source software platform.

The Walmart pilot isn’t the only deal that Udelv has locked in and announced at CES 2019. Up to 100 Udelv ADVs will be deployed in 2019 for last and middle-mile delivery on public roads in several cities throughout the country, the company said.

Udelv announced a contract with automotive aftermarket parts distribution business XL Parts to use self-driving delivery vans in Houston, Texas. Udelv said it will provide up to 10 ADVs to XL Parts with the first vehicle will be delivered in mid 2019. 

 strategic investment from Japanese business giant Marubeni Corporation. The company, which has already completed about 1,200 deliveries on public roads in San Francisco for more than a dozen paying clients, didn’t disclose the amount of the strategic investment.  

Udelv said the collaboration between the two companies will serve to fast-track Udelv’s expansion, leveraging the buying power and various other internal resources of the Marubeni Corporation.

The deal with Walmart is small for now, but could prove to be a turning point for Udelv, if it’s successful.

The autonomous delivery vans will operate with safety drivers until both companies as well as regulators deem them approved for a safe removal of the safety driver, Udelv said.

These self-driving delivery vans will be able to travel distances at speeds of up to 60 miles per hour on urban and suburban roads, including highways. The vans are outfitted with a cargo system designed to carry up to 32 customer orders per delivery cycle. 

Walmart’s agreement with Udelv follows Walmart’s pilot program with self-driving company Waymo that launched last year. Waymo is taking its early rider program passengers to and from a Walmart store in Chandler, a suburb of Phoenix. 

Elon Musk’s vision of spaceflight is gorgeous

The image here come from Elon Musk and is concept art of the Starship test vehicle SpaceX is currently assembling at its Boca Chica, Texas launch facility. The real thing will be even better. This test vehicle is shorter and lacks the windows of the production ship that will eventually go into production.

This March or April SpaceX intends to launch the rocket to suborbital heights to prove the viability of the Starship’s systems. Orbital flights are said to be on the books for 2020.

The Starship, previously named BFR, is key to the next phase of SpaceX’s plans. The company intends to use this model as its primary launch vehicle, eventually replacing the current Falcon and Falcon Heavy rockets. SpaceX intends to the Starship to be rocket to rule them all. And it’s going to look good doing it.

3D printed gun activist Cody Wilson indicted for sexual assault

The State of Texas has indicted Cody Wilson, a 3D printed gun rights activist who fought to allow makers post and print guns, of sexual assault after he had sex with a 17-year-old girl he met on a site called SugarDaddyMeet.com. The indictment, posted on Ars, notes that he faces “four counts of sexual assault of a child, two charges of indecency with a child by contact, and two charges of indecency with a child by exposure.”

The charges are punishable by up to 20 years in prison and a $10,000 fine. His company, DefenseDistributed, has dumped him as founder. The affidavit on the crime said Wilson used the name Sanjuro on the site and that he paid the 17-year-old $500 for sex.

Wilson is out on $150,000 bond and not yet in jail. He rose to prominence for supporting 3D printed guns as far back as 2013, causing a panic that reduced interest in the 3D printing industry and led to a court decision in July that found 3D printed gun plans to be legal.

Apple plans major US expansion including a new $1 billion campus in Austin

Apple has announced a major expansion that will see it open a new campus in North Austin and open new offices in Seattle, San Diego and Los Angeles as it bids to increase its workforce in the U.S. The firm said it intends also to significantly expand its presence in Pittsburgh, New York and Boulder, Colorado over the next three years.

The Austin campus alone will cost the company $1 billion, but Apple said that the 133-acre space will generate an initial 5,000 jobs across a broad range of roles with the potential to add 10,000 more. The company claims to have 6,200 employees in Austin — its largest enclave outside of Cupertino — and it said that the addition of these new roles will make it the largest private employer in the city.

Beyond a lot of new faces, the new campus will include more than 50 acres of open space and — as is standard with Apple’s operations these days — it will run entirely on renewable energy.

Apple already has 6,200 employees in Austin, but its new campus could add up to 15,000 more

The investment was lauded by Texas Governor Greg Abbott.

“Their decision to expand operations in our state is a testament to the high-quality workforce and unmatched economic environment that Texas offers. I thank Apple for this tremendous investment in Texas, and I look forward to building upon our strong partnership to create an even brighter future for the Lone Star State,” he said in a statement shared by Apple.

But Austin isn’t the only focal point for Apple growth in the U.S.

Outside of the Austin development, the iPhone-maker plans to expand to over 1,000 staff Seattle, San Diego and LA over the next three years, while adding “hundreds” of staff in Pittsburgh, New York, Boulder, Boston and Portland, Oregon.

More broadly, Apple said it added 6,000 jobs to its U.S. workforce this year to take its total in the country to 90,000. It said it remains on track to create 20,000 new jobs in the U.S. by 2023.

WTF is happening to crypto?

Four days ago the crypto markets were crashing hard. Now they’re crashing harder. Bitcoin, which hasn’t fallen past $6,000 for months, has dumped to $4,413.99 as of this morning, and nearly everything else is falling in unison. Ethereum, flying high at $700 a few months ago, is at $140. Coinbase, that bastion of crypto stability, is currently sporting a series of charts that look like Aspen black-diamond ski runs.

What is happening? There are a number of theories, and I’ll lay out a few of them here. Ultimately, sentiment is bleak in the crypto world, with bull runs being seen as a thing of a distant past. As regulators clamp down, pie-in-the-sky ideas crash and shady dealers take their shady dealings elsewhere, the things that made cryptocurrencies so much fun — and so dangerous — are slowly draining away. What’s left is anyone’s guess, but at least it will make things less interesting.

The bag holder theory

November was supposed to be a good month for crypto. Garbage sites like FortuneJack were crowing about bitcoin stability while the old crypto hands were optimistic and pessimistic at the same time. Eric Vorhees, founder of ShapeShift, felt that the inevitable collapse of the global financial system is good for folks with at least a few BTC in their wallets.

Others, like the Binance CEO Changpeng Zhao, are expecting a bull run next year and said his company was particularly profitable.

Ultimately, crypto hype moves the market far more than it has any right to, and this is a huge problem.

So who do you believe, these guys or your own lying eyes? That’s a complex question. First, understand that crypto is a technical product weaponized by cash. Companies like Binance and Coinbase will work mightily to maintain revenue streams, especially considering Coinbase’s current level of outside investment. These are startups that can literally affect their own value over time. We’ll talk about that shortly. Ultimately, crypto hype hasn’t been matching reality of late, a major concern to the skittish investor.

“I think that the downturn is due to things not going up as much as people had wanted. Everyone was expecting November to be a bull month,” said Travin Keith, founder of Altrean. “When things indicated that it wasn’t going that way, those who were on borrowed time, such as those needing some buffer, or those in the crypto business needing some money, needed to sell.”

Tether untethered

Tether has long been the prime suspect in the Bitcoin run up and crash. Created by an exchange called Bitfinex, the currency is pegged to the dollar and, according to the exchange itself, each tether — about $2.7 billion worth — is connected to an actual dollar in someone’s bank account. Whether or not this is true has yet to be proven, and the smart money is on “not true.” I’ll let Jon Evans explain:

What are those whiffs of misconduct to which I previously referred? I mean. How much time do you have? One passionate critic, known as Bitfinexed, has been writing about this for quite some time now; it’s a pretty deep rabbit hole. University of Texas researchers have accused Bitfinex/Tether of manipulating the price of Bitcoin (upwards.) The two entities have allegedly been subpoenaed by US regulators. In possibly (but also possibly not — again, a fog of mystery) related news, the US Justice Department has opened a criminal investigation into cryptocurrency price manipulation, which critics say is ongoing. Comparisons are also being drawn with Liberty Reserve, the digital currency service shut down for money laundering five years ago:

So what the hell is going on? Good question. On the one hand, people and even companies are innocent until proven guilty, and the opacity of cryptocurrency companies is at least morally consistent with the industry as a whole. A wildly disproportionate number of crypto people are privacy maximalists and/or really hate and fear governments. (I wish the US government didn’t keep making their “all governments become jackbooted surveillance police states!” attitude seem less unhinged and more plausible.)

But on the other … yes, one reason for privacy maximalism is because you fear rubber-hose decryption of your keys, but another, especially when anti-government sentiment is involved, is because you fear the taxman, or the regulator. A third might be that you fear what the invisible hand would do to cryptocurrency prices, if it had full leeway. And it sure doesn’t look good when at least one of your claims, e.g. that your unaudited reserves are “subject to frequent professional audits,” is awfully hard to interpret as anything other than a baldfaced lie.

Now Bloomberg is reporting that the U.S. Justice Department is looking into Bitfinex for manipulating the price of Bitcoin. The belief is that Bitfinex has allegedly been performing wash trades that propped up the price of Bitcoin all the way to its previous $20,000 heights. “[Researchers] claimed that Tether was used to buy Bitcoin at pivotal periods, and that about half of Bitcoin’s 1,400 percent gain last year was attributable to such transactions,” wrote Bloomberg. “Griffin briefed the CFTC on his findings earlier this year, according to two people with direct knowledge of the matter.”

This alone could point to the primary reason Bitcoin and crypto are currently in free fall: without artificial controls, the real price of the commodity becomes clear. A Twitter user called Bitfinex’d has been calling for the death of Tether for years. He’s not very bullish on the currency in 2019.

“I don’t know the when,” Bitfinex’d said. “But I know Tether dies along with Bitfinex.”

Le shitcoin est mort

As we learned last week, the SEC is sick of fake utility tokens. While the going was great for ICOs over the past few years with multiple companies raising millions if not billions in a few minutes, these salad days are probably over. Arguably, a seed-stage startup with millions of dollars in cash is more like a small VC than a product company, but ultimately the good times couldn’t last.

What the SEC ruling means is that folks with a lot of crypto can’t slide it into “investments” anymore. However, this also means that those same companies can be more serious about products and production rather than simply fundraising.

SEC intervention dampens hype, and in a market that thrives on hype, this is a bad thing. That said, it does mean that things will become a lot clearer for smaller players in the space, folks who haven’t been able to raise seed and are instead praying that token sales are the way forward. In truth they are, buttoning up the token sale for future users and, by creating regulation around it, they will begin to prevent the Wild West activity we’ve seen so far. Ultimately, it’s a messy process, but a necessary one.

“It all contributes to greater BTC antifragility, doesn’t it?,” said crypto speculator Carl Bullen. “We need the worst actors imaginable. And we got ’em.”

Bitmain

One other interesting data point involves Bitmain. Bitmain makes cryptocurrency mining gear and most recently planned a massive IPO that was supposed to be the biggest in history. Instead, the company put these plans on hold.

Interestingly, Bitmain currently folds the cryptocurrency it mines back into the company, creating a false scarcity. The plan, however, was for Bitmain to begin releasing the Bitcoin it mined into the general population, thereby changing the price drastically. According to an investor I spoke with this summer, the Bitmain IPO would have been a massive driver of Bitcoin success. Now it is on ice.

While this tale was apocryphal, it’s clear that these chicken and egg problems are only going to get worse. As successful startups face down a bear market, they’re less likely to take risks. And, as we all know, crypto is all about risk.

Abandon all hope? Ehhhhh….

Ultimately, crypto and the attendant technologies have created an industry. That this industry is connected directly to stores of value, either real or imagined, has enervated it to a degree unprecedented in tech. After all, to use a common comparison between Linux and blockchain, Linus Torvalds didn’t make millions of dollars overnight for writing a device driver in 1993. He — and the entire open-source industry — made billions of dollars over the past 27 years. The same should be true of crypto, but the cash is clouding the issue.

Ultimately, say many thinkers in the space, the question isn’t whether the price goes up or down. Instead, of primary concern is whether the technology is progressing.

“Crypto capitulation is once again upon us, but before the markets can rise again we must pass through the darkest depths of despair,” said crypto guru Jameson Lopp. “Investors will continue to speculate while developers continue to build.”

Cities that didn’t win HQ2 shouldn’t be counted out

The more than year-long dance between cities and Amazon for its second headquarters is finally over, with New York City and Washington, DC, capturing the big prize. With one of the largest economic development windfalls in a generation on the line, 238 cities used every tactic in the book to court the company – including offering to rename a city “Amazon” and appointing Jeff Bezos “mayor for life.”

Now that the process, and hysteria, are over, and cities have stopped asking “how can we get Amazon,” we’d like to ask a different question: How can cities build stronger start-up ecosystems for the Amazon yet to be built?

In September 2017, Amazon announced that it would seek a second headquarters. But rather than being the typical site selection process, this would become a highly publicized Hunger Games-esque scenario.

An RFP was proffered on what the company sought, and it included everything any good urbanist would want, with walkability, transportation and cultural characteristics on the docket. But of course, incentives were also high on the list.

Amazon could have been a transformational catalyst for a plethora of cities throughout the US, but instead, it chose two superstar cities: the number one and five metro areas by GDP which, combined, amounts to a nearly $2 trillion GDP. These two metro areas also have some of the highest real estate prices in the country, a swath of high paying jobs and of course power — financial and political — close at hand.

Perhaps the take-away for cities isn’t that we should all be so focused on hooking that big fish from afar, but instead that we should be growing it in our own waters. Amazon itself is a great example of this. It’s worth remembering that over the course of a quarter century, Amazon went from a garage in Seattle’s suburbs to consuming 16 percent — or 81 million square feet — of the city’s downtown. On the other end of the spectrum, the largest global technology company in 1994 (the year of Amazon’s birth) was Netscape, which no longer exists.

The upshot is that cities that rely only on attracting massive technology companies are usually too late.

At the National League of Cities, we think there are ways to expand the pie that don’t reinforce existing spatial inequalities. This is exactly the idea behind the launch of our city innovation ecosystems commitments process. With support from the Schmidt Futures Foundation, fifty cities, ranging from rural townships, college towns, and major metros, have joined with over 200 local partners and leveraged over $100 million in regional and national resources to support young businesses, leverage technology and expand STEM education and workforce training for all.

The investments these cities are making today may in fact be the precursor to some of the largest tech companies of the future.

With that idea in mind, here are eight cities that didn’t win HQ2 bids but are ensuring their cities will be prepared to create the next tranche of high-growth startups. 

Austin

Austin just built a medical school adjacent to a tier one research university, the University of Texas. It’s the first such project to be completed in America in over fifty years. To ensure the addition translates into economic opportunity for the city, Austin’s public, private and civic leaders have come together to create Capital City Innovation to launch the city’s first Innovation District at the new medical school. This will help expand the city’s already world class startup ecosystem into the health and wellness markets.

Baltimore

Baltimore is home to over $2 billion in academic research, ranking it third in the nation behind Boston and Philadelphia. In order to ensure everyone participates in the expanding research-based startup ecosystem, the city is transforming community recreation centers into maker and technology training centers to connect disadvantaged youth and families to new skills and careers in technology. The Rec-to-Tech Initiative will begin with community design sessions at four recreation centers, in partnership with the Digital Harbor Foundation, to create a feasibility study and implementation plan to review for further expansion.

Buffalo

The 120-acre Buffalo Niagara Medical Center (BNMC) is home to eight academic institutions and hospitals and over 150 private technology and health companies. To ensure Buffalo’s startups reflect the diversity of its population, the Innovation Center at BNMC has just announced a new program to provide free space and mentorship to 10 high potential minority- and/or women-owned start-ups.

Denver

Like Seattle, real estate development in Denver is growing at a feverish rate. And while the growth is bringing new opportunity, the city is expanding faster than the workforce can keep pace. To ensure a sustainable growth trajectory, Denver has recruited the Next Generation City Builders to train students and retrain existing workers to fill high-demand jobs in architecture, design, construction and transportation. 

Providence

With a population of 180,000, Providence is home to eight higher education institutions – including Brown University and the Rhode Island School of Design – making it a hub for both technical and creative talent. The city of Providence, in collaboration with its higher education institutions and two hospital systems, has created a new public-private-university partnership, the Urban Innovation Partnership, to collectively contribute and support the city’s growing innovation economy. 

Pittsburgh

Pittsburgh may have once been known as a steel town, but today it is a global mecca for robotics research, with over 4.5 times the national average robotics R&D within its borders. Like Baltimore, Pittsburgh is creating a more inclusive innovation economy through a Rec-to-Tech program that will re-invest in the city’s 10 recreational centers, connecting students and parents to the skills needed to participate in the economy of the future. 

Tampa

Tampa is already home to 30,000 technical and scientific consultant and computer design jobs — and that number is growing. To meet future demand and ensure the region has an inclusive growth strategy, the city of Tampa, with 13 university, civic and private sector partners, has announced “Future Innovators of Tampa Bay.” The new six-year initiative seeks to provide the opportunity for every one of the Tampa Bay Region’s 600,000 K-12 students to be trained in digital creativity, invention and entrepreneurship.

These eight cities help demonstrate the innovation we are seeing on the ground now, all throughout the country. The seeds of success have been planted with people, partnerships and public leadership at the fore. Perhaps they didn’t land HQ2 this time, but when we fast forward to 2038 — and the search for Argo AISparkCognition or Welltok’s new headquarters is well underway — the groundwork will have been laid for cities with strong ecosystems already in place to compete on an even playing field.

After extradition to Texas, 3D-printed gunmaker Cody Wilson is out on bail

Last week, after Hatreon creator and 3D-printed gun activist Cody Wilson was charged with the sexual assault of a minor, he managed to evade arrest briefly in Taipei. On Friday, authorities successfully located Wilson and extradited him back to Texas, booking him into a Harris County jail. Now, Wilson is out on a $150,000 bond.

Wilson’s arrest in a Taipei hotel on Friday was the result of a collaborative effort between the U.S. Marshals, Taiwan’s police force and the U.S. State Department. His charges stem from an August 22 incident during which Wilson allegedly sexually assaulted a 16-year-old he found on SugarDaddyMeet.com, paying her $500 for sex in a North Austin hotel.

The charges are corroborated by security footage showing Wilson himself and a car with a license plate registered to his business. The charges originated from a report by a counselor who had spoken with the 16-year-old girl who identified Wilson and described the alleged assault.

Wilson lives in Austin where he owns and operates Defense Distributed, a defense company that conducts research and development “for the benefit of the American rifleman.” He reportedly fled to Taiwan after receiving a tip that authorities sought to arrest him.

“This was a collaborative effort that demonstrates the dedication of local, state, federal and international officials working together to bring this fugitive to justice,” U.S. Marshal for the Western District of Texas Susan Pamerleau said of the arrest.

In a statement to local news, Wilson’s lawyer Samy Khalil announced Wilson’s intentions to fight the charges. “We are glad that Cody is back in Texas again where we can work with him on his case,” Khalil said. “That’s our focus right now, representing our client and preparing his defense.”