{"id":24128,"date":"2019-07-03T10:07:26","date_gmt":"2019-07-03T14:07:26","guid":{"rendered":"https:\/\/wsbj.com\/sorabji\/?p=24128"},"modified":"2019-08-13T13:23:57","modified_gmt":"2019-08-13T17:23:57","slug":"more-smart-city-fun","status":"publish","type":"post","link":"https:\/\/wsbj.com\/sorabji\/2019\/07\/03\/more-smart-city-fun.html","title":{"rendered":"More Smart City Fun"},"content":{"rendered":"

I quit writing about this, thinking I’d have no need to further document the shenanigan. I thought I had ceased its operation. But I’ll be revisiting the LinkNYC loudspeaker broadcasts sometime soon, along with other exploits, or whatever you want to call them.<\/p>\n

Last week the\u00a0Times<\/em> published a piece that seemed to reflect the recent layoffs in their research department. An op-ed about the Smart City leveled certifiably fact-free accusations against LinkNYC, spawning a new crowd of skeptics who don’t believe anything except what they want to believe.<\/p>\n

I don’t need to get into the details. But I’ve been watching the sometimes uncomfortable Q&A with some chagrin. Someone asked about general network vulnerabilities the devices might contain. Someone else chimed in “Well there’s the mister softee hack<\/a>“, with a link to the December Gothamist story.<\/p>\n

It’s the third time in recent weeks I’ve seen reference to my little kiosk shenanigan from last year. For all the work I put into making that happen it is gratifying to see I’m still in the discussion, even if most people still don’t seem to know who did it.<\/p>\n

Moments after that person posted his softee comment my website started getting pageviews from Intersection.com. Someone there had used a searchie to find my “Mr. Softee Post-Mortem”, or whatever I called it. I published an 8000 word masterpiece describing details of my exploit, then unpublished it a few days later. That was December. Someone at Intersection\/LinkNYC has that post title branded into their head.<\/p>\n

Evidence from the access_log follows. The first hit from 52.119.0.5, which WHOIS records identify as Intersection Design and Technology, at 10 Hudson Yards. This shows the 404 error they encountered after searching for a very specific document.<\/p>\n

52.119.0.5 – – [02\/Jul\/2019:14:28:54 -0400] “GET \/my-linknyc-mr-softee-postmortem-abridged.html HTTP\/1.1” 404 82801 “https:\/\/www.google.com\/” “Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit\/537.36 (
\nKHTML, like Gecko) Chrome\/74.0.3729.131 Safari\/537.36”<\/p>\n

Next came this query. Someone at Intersection searched my site for “softee”:<\/p>\n

52.119.0.5 – – [02\/Jul\/2019:14:30:18 -0400] “GET \/search-the-payphone-project-2?q=softee HTTP\/1.1” 200 25050 “-” “Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/74.0.3729.131 Safari\/537.36”<\/p>\n

So when they found a 404 file not found page they proceeded search my site for “softee”, probably turning up a bunch of passing references but not finding the full account of how and why I did it. That 8000 word account also described a bunch of other vulnerabilities and openings in the kiosks, problems that the company fixed right away, pretending I did not exist.<\/p>\n

Such a strange, fragmented world. There is a different kind of digital divide in play here. I see them. They see me. I run amok with their poorly planned kiosks. They scoop QA tips from me<\/p>\n","protected":false},"excerpt":{"rendered":"

I quit writing about this, thinking I’d have no need to further document the shenanigan. I thought I had ceased its operation. But I’ll be revisiting the LinkNYC loudspeaker broadcasts sometime soon, along with other exploits, or whatever you want to call them. Last week the\u00a0Times published a piece that seemed to reflect the recent […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[2],"tags":[],"class_list":["post-24128","post","type-post","status-publish","format-standard","hentry","category-181-2","et-doesnt-have-format-content","et_post_format-et-post-format-standard"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/paumAn-6ha","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/posts\/24128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/comments?post=24128"}],"version-history":[{"count":2,"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/posts\/24128\/revisions"}],"predecessor-version":[{"id":24171,"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/posts\/24128\/revisions\/24171"}],"wp:attachment":[{"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/media?parent=24128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/categories?post=24128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wsbj.com\/sorabji\/wp-json\/wp\/v2\/tags?post=24128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}