I had a similar experience where a competitor released an academic paper rife with mistakes and misunderstandings of how my software worked. Instead of reaching out and trying to understand how their system was different than mine they used their incorrect data to draw their conclusions. I became rather disillusioned with academic papers as a result of how they were able to get away with publishing verifiably wrong data.
Maybe it depends on the type of business/ customers that you have because I've had the opposite experience. For us as a security SaaS, B2B enterprise is incredibly stable and predictable. B2C has a lot more variability and payment issues compared to large orgs with dedicated procurement departments, vendor processes etc.
The old PIPS ALPR devices aren't online anymore but they had horrible security as well. Just sending a newline to their UDP port would cause them to send you all images as they were being collected in real-time - no authentication needed. And the images had the license plate information encoded in the JPG metadata. I did a talk about it at some point (https://imgur.com/HHcpJOr) and worked with EFF to take them offline
The result is very strange. It's saying that South Korea has the most number of websites with the header and yet I don't see ANY search result in Korean. No writeup or whatsoever. Wonder what those websites would be.
Flying by the seat of my pants, this page of information has details which we can guess at - 27,799 are South Korea, 27,690 are Korea Telecom (so close that I'll say it's a 1-to-1 match). Wikipedia tells me as of 2015, KT ran more than 140,000 Wifi hotspots.[1]
Further down the info, we see 28,587 (almost the same number as above) HTTP titles are "Gargoyle Router Management Utility" - which is an opensource variant of the OpenWRT world which patches the code to include the Clacks header.[2]
I'm going to conclude that there's a direct correlation in this data (it all being one and the same endpoint/device pattern) and that 30,000 KT Wifi hotspots across South Korea have their management UI open on the public interface and not locked to the internal network or a VPN, etc. running this Gargoyle patch.
And how representative are publicly accessible redis/valkey instances for redis/valkey usage in general? And can shodan even differentiate Redis from a Valkey instance setup in a backwards-compatible way without being able to authenticate?
In absolute numbers probably not highly representative but the relative numbers are meaningful to measure adoption. And no, it requires the user to disable authentication in order to get the service details to differentiate between Redis and Valkey. But again, you can compare unauthenticated Redis to unauthenticated Valkey to see how the percentages are changing over time.
reply