Hacker News new | past | comments | ask | show | jobs | submit login

> Why are they not worried about prosecution for their mass port scanning?

In his talks the founder says he provides law enforcement with all the crawled data for free and that he has regular contact with the US CERT. So there doesn't seem to be any legal problem.

My opinion: shodan doesn't try to exploit any known backdoors or common user/password combinations. Testing for anonymous/guest logins is fine in my view.




>In his talks the founder says he provides law enforcement with all the crawled data for free

Why is this a good thing?

Isn't it like trying every door in a neighbourhood and handing the FBI a list of all the properties that have been left unlocked?

Oh - and there's that very useful exploit dictionary too.

I ban all the shodan IPs I can find as a matter of policy.


It's not necessarily a good thing, but it's a good indicator that it isn't obviously illegal (because otherwise law enforcement would try to hide that connection better)




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: