Episode 10: John Matherly on Shodan
We are entering a new era where the everyday objects around us are connected to, and controllable from, the internet. From home automation systems to industrial controls used to manage nuclear reactors, things that used to be possible only with physical interactions are now being put under software control.
While there is a great deal of excitement about this coming internet of things, one aspect that is often glossed over are the profound security issues we are going to face. It’s one thing if a hacker uses a security exploit to steal personal information from users of a website, or destroys files on a user’s computer hard drive. It’s quite another thing when they can open our garage doors, change traffic signal patterns, or disrupt the operations of hydroelectric dams.
Shodan is a window into this world of connected devices, identifying devices like webcams, traffic signals, and – yes – nuclear power plants on the internet. It can be used by security researches to identify internet-connected devices with security vulnerabilities, and as a general tool to understand the landscape of connected devices in order to provide a more secure infrastructure. It’s also the same kind of technology that malicious hackers use for the same purpose, but with different intent.
Shodan’s creator John Matherly is a great person with whom to discuss some of the security issues we are all going to be facing in this new world.
John Matherly is the founder and developer of Shodan, the world’s first computer search engine. His work includes performing Internet-wide surveys, analyzing large amounts of data and making security tools more accessible to the community. His friends refer to him as a professional Internet cartographer. He can be found on Twitter as @achillean.
Some related links: