Some things just shouldn't be connected to the Internet. With Shodan, a search engine that finds connected devices, it's easy to locate dangerous things that anyone can access without so much as a username or password.
U.S. hospitals have to abide by the Health Insurance Portability and Accountability Act. Here's a violation: One hospital put its heart rate monitors online for the whole world to see.
Although this was a read-only tool -- you couldn't defibrillate a patient over the Internet -- it's still a major, major breach of the privacy law.
Tentler said that another security researcher reported this hospital to DHS' Industrial Control Systems Cyber Emergency Response Team last year.
NEXT: A home security app