On 09/28/2016 11:43 AM, Steve Kinney wrote: > ... What I don't understand is how one would go about identifying > the right addresses to send bogus vendor patches or other exploit > code to, without access to the vendor's own database of incoming > pings from Things. See https://www.shodan.io/ :)