Hello, welcome to the Wednesday, May 22nd, 2019 edition of the Sandsenet Storm Center's Stormcast. My name is Johannes Ulrich.

And today I'm recording from Jacksonville, Florida.

Quick diary today from Tom about how to use Shodan's monitoring feature. Now, this is a for-pay feature, I believe you have to be at least a member which is pretty

cheap or then sign up for their more expensive small business plans if you do want all the

features of it.

But even the basic features do essentially allow you to set up alerts whenever Shodan

discovers a new system inside your network.

As Tom points out, you can do the same thing with a simple NMap scan from outside your network,

but getting Shodan's view and getting the alerts maybe a nice little addition

to some regular external vulnerability scans.

And then we got yet another way to identify smartphones in particular iOS devices before iOS 12.2.

The trick here is that all of these devices do have motion sensors or gyroscopes that

are accessible via JavaScript and have a unique bias as to how these sensors are oriented.

By subtracting any motion that device experience at a time it's being used when it's, for example,

being carried in a bag, these researchers were able to then extract this essentially

calibration data from the gyroscope and identify

individual devices.

Apple in iOS 12.2 started to add some random noise to the output in order to defeat this technique.

And apparently this technique may have been used in the wild out of Alexa's top 100,000 websites,

about 2,600 did access motion sensor data.

Not really clear, of course, if this was done in order to identify the devices.

A lot of user trackers and tools like this, but also just check if your gyroscope is accessible

...