From necessities like paper towels and groceries to a new television or furniture, you can find almost anything you need for your home on Amazon. What few may realize, however, is that that the online retailer not only sells household accessories, but actual homes, too.
For example, you can purchase this expandable container house for just $23,800 on Amazon, plus $1,000 in shipping costs — a fraction of the $227,700 median price for a house in the United States, according to Zillow.
The house, which is sold by Hebei Weizhengheng Modular House Technology Group (WZH Group), a Chinese design firm that sells modular homes, can be expanded using a remote control. The home includes both wind and solar power systems, a small kitchenette, and a bathroom with a sink, toilet, and shower, as well as a living space.
Owners can also choose to wire the house with electricity instead of using solar or wind power, according to CNBC MakeIt. Based on the Amazon description, it also sounds like buyers can customize the materials the house is constructed from.
Miniature houses like the ones offered by WZH Group are cropping up on Amazon as the demand for smaller homes is getting bigger. More than half of adults surveyed by the National Association of Home Builders in 2018 said "yes" or "maybe" when asked if would purchase a home smaller than 600 square feet.
See below to take a look inside one of the modular homes WZH Group offers for sale on Amazon.
In a classic scene from the 1993 movie The Fugitive, Richard Kimble (Harrison Ford) appears to be trapped in a drainage tunnel; Deputy Samuel Gerard (Tommy Lee Jones) is approaching and a dangerous waterfall looms behind. Gerard of course believes that the fugitive is trapped; a plunge down that waterfall is surely a death wish.
And yet Kimble does what everyone knows he’ll do: he dives right off and survives.
While he doesn’t have safe form, and appears to flip over once or twice no less, it is indeed possible to survive a fall like that — especially with improved technique. Just last month, in fact, a man survived a 170-foot plunge over Niagara Falls.
The reason folks perish when they fall into water from a significant height is because the speed of the fall combined with the surface tension of the water makes it akin to landing on concrete. But with a waterfall, the force of the water coming down breaks some of that tension and makes for a “softer” landing. That said, it’s still a highly dangerous endeavor. Colliding with rocks and drowning from not being able to get up to the surface in time are just a couple of the potentially fatal risks involved. So, never attempt for fun, but if you find yourself in a situation where you’re unavoidably about to tumble down a waterfall, utilize the above tips to increase your chances of survival.
A group of scientists called the "Ring of Five" has been scouring Europe’s atmosphere for elevated levels of radiation since the mid ’80s.
In July, the group released a study detailing evidence of an undisclosed nuclear accident that may have taken place less than two years prior. The likely culprit, the scientists said, was the Mayak nuclear facility in Russia, which was once the center of the Soviet nuclear-weapons program.
At the time of the alleged accident in 2017, Russian officials said the facility wasn’t the source of the release, even though the nation showed elevated levels of a radioactive isotope called ruthenium-106. Instead, officials in Russia attributed the radiation to an artificial satellite that burned up in the atmosphere.
But the latest Ring of Five study contradicts that account. Their research traced the source to an area of Russia known as the Southern Urals. The scientists also figured out that the release came from a nuclear reprocessing facility, which separates plutonium and uranium from spent nuclear fuel.
Georg Steinhauser, a professor at the University of Hanover in Germany and one of the study’s lead authors, said Mayak is the most likely place of origin because it’s the largest nuclear reprocessing facility in the area. The facility was the site of the 1957 Kyshtym explosion, the world’s third-worst nuclear accident behind Fukushima and Chernobyl.
Scientists ‘were stunned’ to find evidence of a nuclear accident in Russia
After the Chernobyl disaster sent plumes of radioactive material spiraling across Europe in 1986 , the scientists in the Ring of Five — who hailed from Sweden, Germany, Finland, Norway, and Denmark — enlisted the help of other nations to expand their efforts. The group now includes researchers from 22 countries.
The team first detected what they called "an unprecedented release" of ruthenium-106 in the atmosphere in Europe and Asia in 2017. The discovery marked the first time that ruthenium-106 had been found in the atmosphere since Chernobyl. Even the 2011 nuclear meltdown at Fukushima didn’t release detectable levels of that isotope.
"We were stunned," Steinhauser told Business Insider. "We are measuring the air 24/7, 365 days a year, and suddenly we came up with something unusual and unexpected."
For almost two years, the scientists traced the pathway of the radioactive isotope back to its original source by modeling atmospheric conditions such as altitude, wind direction, and the shape of the plumes.
Ultimately, they determined that all evidence pointed to the Mayak facility. Russia hasn’t issued a response to the finding.
The ‘single greatest release from nuclear-fuel reprocessing’ ever
The scientists don’t consider the levels of radiation they detected to be an immediate threat to people’s health, but the long-term consequences are unknown. Last year, France’s Institute for Radiological Protection and Nuclear Safety determined that the levels of ruthenium-106 in the atmosphere do not pose danger to human health or the environment.
The nuclear release was "nothing compared to Chernobyl," Steinhauser said. But he noted that it was still the "single greatest release from nuclear-fuel reprocessing that has ever happened."
One unanswered question, he said, is whether the population near the Mayak facility ingested any radiation in their lungs. Steinhauser also said there could be reason to monitor food safety if radiation leaked into the soil and water.
"I’m not blaming Russia, because certain types of accidents are difficult to spot," he said. "For me, it is about the lessons to be learned."
After Fukushima, he said, Japanese officials shared information about the accident that helped improve the world’s safety regulations for nuclear power. In the wake of that disaster, the European Union began to require "stress tests" to evaluate the stability of nuclear reactors.
Steinhauser said the Ring of Five was "hopeful that Russia would have come forward" in 2017 in the same way Japan did in 2011. By revealing the mistakes that lead to the accident, he said, Russia could help make nuclear power safer than it was before.
Electing to not eat meat is a sure-fire way to reduce your impact on the environment.
The problem is that often, the diet that meets our nutritional needs isn’t ideal for the planet.
"You could eat nothing but yellow corn — a crop that’s grown in abundance, with reduced environmental impacts —but it would be catastrophic for your body to subsist on starch alone," environmental researcher Gidon Eshel told Business Insider.
But in a study published today in Scientific Reports, Eshel and his team report that it’s possible to satisfy our nutritional needs without eating meat — and help the environment at the same time.
The researchers calculated that if every American replaced all beef, chicken, and pork in their diet with a vegetarian option, that would save the equivalent of 280 billion kilograms (280 million metric tons) of carbon dioxide every year. That’s roughly the total that the entire state of Ohio emits. Or, put another way, it’d be the same as taking about 60 million cars off the road.
Livestock farming also degrades land and water and contributes to deforestation —30% of land worldwide is currently used either for livestock farming or to grow grain to feed that livestock.
So Eshel’s team modeled what would happen if all Americans stopped eating meat (beef, poultry, and pork) and replaced it with plants that conferred the same nutrients in the same daily doses. Their results suggest that shift would reduce the amount of land needed to grow crops by 35% to 50% and eliminate the need for pastures.
By the numbers, replacing meat with plant alternatives would save approximately 29 million hectares (72 million acres) of crop land, 3 billion kilograms (6.6 billion pounds) of nitrogen fertilizer, and the equivalent of 280 million metric tons of carbon dioxide per year in the US.
Food-related water use in this situation, however, would rise by 15%.
These benefits arise because crop farming requires less land and less fertilizer (and because crops don’t emit methane, another potent greenhouse gas, the way cows do when they burp and fart).
Producing meat substitutes for a meatless diet emits about 80% less carbon than producing meat, Eshel said.
"The carbon-emissions cost is 3.5 kilograms per American per day for producing all the meat they need that day, and only about 0.6 kilograms for producing the meat’s replacement," he added.
The plant-based diets that Eshel’s team used in their model mostly consisted of soy, green peppers, squash, buckwheat, and asparagus. These crops were picked because they were at least as nutritious, if not more beneficial, than the meats they replaced in terms of their contributions to people’s protein, vitamin, and fatty-acid needs.
The study authors reported that buckwheat and tofu, for example, could deliver one-third of the total protein in a meatless diet. Producing those foods would require only 12% of the nitrogen fertilizer and water and less than 22% of the cropland that would be needed to produce the meats they replaced.
"There’s something empowering about these results, because they offer people a sense of agency in terms of determining their own impact," Eshel said.
Impossible Foods, a leading producer of plant-based "meat-like" patties, has launched its Impossible Burger 2.0 in more than 7,000 restaurants worldwide. The product will be sold in all Burger King locations across the US (not to mention your local grocery store) by September.
Beyond Meat, another meat-free burger company, saw similar success: The company netted $40.2 million during its first quarter as a public company (between January and April), a 215% jump from the same period in 2018.
Global consultancy firm AT Kearney projects that by 2040, 60% of the "meat" products humans consume will either be plant-based replacements or lab-grown meats.
Eshel said studies like his are important in "reassuring the open-minded skeptics" that switching from meat- to meatless-diets won’t leave you lacking in nutrition.
The fog of love that is dating in 2019 has led to a near-constant barrage of new terms that help us navigate the uncertainties of modern courtship: ghosting, lumbersexual, cuffing, cloaking. To the novice, online dating profiles today can look like bafflingly coded messages with random-ass numbers (aka the unspoken requirement for men to include their height) and nonsense acronyms (aka Myers-Briggs personality type indicator).
Sapiosexuals claim to be more attracted to people’s intelligence than their appearance, or consider high intelligence a big turn-on. No one wants to date an idiot, of course, but as Indiana University School of Public Health professor and sex researcher Debby Herbenick clarified, for sapiosexuals intellect is the most pivotal factor in attraction.
“Some people who identify as sapiosexual describe intelligence as a fetish or kink, others say they fall in love with someone’s brain,” Herbenick said.
Identifying as a sapiosexual on your dating profile is considered a faux pas on par with using words like “wanderlust” or dudes using pictures of themselves holding a fish. Yet there’s no denying that sapiosexuality caught onto the mainstream for a reason, filling a gap between the language we have available and the language we need to find connection in the online dating world.
“On the internet, all you have is words. So while IRL you can watch how someone interacts with others or dances, online you just have what you type at each other,” said psychologist, author, and sex coach Liz Powell.
Despite the backlash, the continued popularity of sapiosexuality on dating apps shows just how much online dating changes the way we express our relationship needs and desires. The problem, though, is that calling yourself a sapiosexual can mean a whole lot of different things — and not all of them are great.
The rise and fall of the sapiosexual
The rise of sapiosexuality is inextricably linked to the struggle to communicate who you really are to the rest of the internet.
First coined in a 1998 LiveJournal post by a user known as wolfieboy, it was born out of his frustration with the lack of words that fit his sexual preferences. The term only took off in the early 2010s through online quizzes, then solidifying into the dating lexicon in 2014 after OKCupid made it an option for sexual orientation and gender identity.
A whole new app called Sapio even launched in 2017, advertised as the only dating app to match you based on intelligence (though it’s still a very photo-forward design like Tinder). Over the past year alone, OkCupid also saw a 42 percent increase in people using the term on their profiles, according to a statement provided to Mashable by its global communications manager, Michael Kaye.
But critics have already written off so-called sapiosexuals as pretentious at best and discriminatory at worst, while also demeaning real marginalized gender and sexual orientations in the LGBTQ community. “When even Tumblr doesn’t recognize your sexual orientation, you’ve got a problem,” one Daily Beast article concluded.
Online dating changes the way we express our relationship needs and desires.
“Sapiosexuality is a highly controversial term these days because of the ways it can enshrine classist, ableist, sexist, and racist ideas about what it means to be ‘smart,'” said Powell. “Most folks who identify as sapiosexual mean that they like being able to have good conversations with the people they date.”
Even the Sapio app betrays the utter vagueness of the term, marketing itself as “the only app that gets to the core of people through their lived experiences, heartfelt opinions, and bold passions.” Which sounds like, you know, any fulfilling relationship.
But Sapio’s CEO Kristin Tynski also revealed what’s really at the heart of the sapiosexual trend, when she told the the Huffington Post: “For many, defining oneself as sapiosexual has become [a] statement against the current status quo of hookup culture and superficiality, where looks are prized above all else.”
Similarly, Coffee Meets Bagel CEO Dawoon Kang told Mashable that the rise of sapiosexuality “is part of an underlying trend with swipe fatigue in online dating culture.” In other words, people are tired of sifting through hundreds of profiles, judging people’s desirability based on a few pictures: “It’s left them feeling empty.”
So sure, it’s probably the wrong word. But the sentiments behind sapiosexuality get at a very real and very common need that’s come out of the age of online dating: wanting deeper, long-term connections.
So what does being sapiosexual really mean?
What sapiosexuality really seems to emphasize is people’s desire for an equal partner with shared interests, opinions, self-actualization, drive, and education levels.
Western Sydney University professor and sex researcher Peter Jonason doubts sapiosexuality is a legitimate orientation because it fails to account for the many other, more fundamental factors behind a sapiosexual’s mating selection.
In the 2018 study people who classified as sapiosexual admitted to still caring about a baseline of physical attractiveness in their partner. And unlike an orientation like homosexuality, attraction to high intelligence comes secondary to factors like gender, biological sex, and even similar values.
“People can be intelligent in ways you don’t value or [that] don’t satisfy your specific needs,” Jonason said, giving the example ofa sapiosexual Democrat who would, in 2019, probably never find themselves attracted to a Republican no matter how “intelligent” they were.
Our definitions of intelligence are relative to our own intelligence, with research suggesting that even those who highly value intelligence in a partner still have a cap for exactly how much smarter they want that person to be.
“In general, folks tend to think that those who share their existing views are smarter than those who don’t, so it’s about shared social location and experience, not intelligence,” said Powell.
Sure enough, the self-identified sapiosexuals Mashable talked to and who’ve been interviewed elsewhere have vastly different definitions of “intelligence,” ranging from emotional maturity, humor, drive, and IQ, to curiosity, the use of proper grammar, and liking the same “smart” things they like.
They also often express an aversion to what they perceive as dumb people and their baser interests.
“For me, I’d say it’s much more about awareness, and being emotionally intelligent. I like someone who takes their time seriously to better themselves intellectually by learning more about people and the world versus staying stuck in their own little bubble. I think it’s a thirst for information which turns me on,” said Jen Kaarlo, a 35-year-old UX copywriter.
Even then, though, she doesn’t include sapiosexual on her dating profile precisely because of the stigma around it.
“I find dumb people exhausting and somehow I wonder how they have survived,” said Roxxanne Miller, a 28-year-old Romanian cam model who’s made sapiosexuality part of her brand. “I appreciate a person who strives to push the limits.”
Sapiosexuals are zeroing in on one of the most important factors in predicting longterm compatibility: value alignment.
From Kang’s perspective, sapiosexuals are zeroing in on one of the most important factors in predicting longterm compatibility: value alignment. For that reason, she doesn’t believe in shaming people for being upfront about what they prioritize in a partner, whether it’s wealth, education, or intelligence.
Interestingly, Jonason’s research also found that intelligence becomes increasingly important in mate selection when people (particularly men) are looking for long-term relationships rather than just casual sex. So identifying as a sapiosexual on a dating app could be a coded, less direct way of saying you’re not interested in one-night stands.
The thing is, though, putting ‘sapiosexual’ in a dating profile is often more about distinguishing your own identity than describing any particular preference in partners.
“Sapiosexuality can be a way of virtue signaling, like saying, ‘Hey, I value your brain more than your looks,” said Jonason. In the current cultural climate, it’s woke to deny baser animalistic instincts like physical attractiveness as influencing your dating habits.
“Or it can also be a way of showing off how much more intellectually advanced you are,” said Jonason. “‘Sapiosexual’ implies that your mating preference are superior to other people’s.”
Again, none of that applies to all self-identified sapiosexuals. But that goes back to the original issue: there’s no universally agreed-upon meaning for the term. Using it on your profile explicitly and implicitly communicates a vast array of desires and preferences, some of them admirable and some of them less so.
But according to Herbenick, what the majority of people probably mean when they call themselves sapiosexual is “they want to talk, they want to connect, they want intimacy, they care about intelligence, and want to learn about another human being.”
If that’s the case, though, sapiosexual isn’t the word that’s gonna get you there.
What’s smarter than a sapiosexual?
So sapiosexuality most likely isn’t an orientation, since it’s about way more than just sex. It also isn’t a very useful identity, since it’s no more specific than Human Who Likes Engaging Conversation.
“It’s a really rough shorthand for, ‘I want someone who is like me, values the things I value, and thinks the way I think,'” said Jonason. “In other words, it’s about compatibility. But how you define compatibility is person-specific. It’s a question of ‘Are you compatible with me?'”
If anything, sapiosexuality describes a preference for certain personality traits that are better defined by models like the big five, often used by researchers to evaluate people’s dispositions. Based on how most people describe it, sapiosexuality sounds like a desire for partners with high “openness to experience.”
“Having these terms does make it easier and a little more acceptable to express what you want.”
Or perhaps you’re one of those people using sapiosexuality to imply a desire for a longterm relationships, or only feeling sexually attracted to those you share a strong emotional connection with. Well for that, you might want to look into demisexuality, which is a much more well-defined sexual orientation.
Ultimately, though, Jonason said, “There’s no single word for it because we’re trying to use one word to describe a quite varied phenomenon.”
Like lumbersexual, sapiosexual can be harmless when used to cheekily describe being horny for a subcultural trend. Nerds are hot now, so it only makes sense that we’d make up a term for thirsting after that type.
But, also like the lumbersexual phenomenon, it will inevitably draw some annoyed hipster backlash.
“People don’t feel at liberty to say what they want in modern dating culture for fear of being judged by a bunch of strangers. There’s a lot of not wanting to send the wrong signals. So having these terms does make it easier and a little more acceptable to express what you want,” said Kang, the Coffee Meets Bagel CEO.
Sapiosexuality might not be “real”, but it has clear utility for a whole range of people. It might be a fad, but it highlights a huge issue in online dating culture: It’s become so vapid that we’re confusing the normal-ass desire for a serious, long-lasting connection with someone for a new sexual orientation.
For those of us (because make no mistake, I am one of you) with a particular weakness for nerds or tendency to sexualize knowledge to kinky degrees, there’s a better, more precise word out there.
Maybe something like Thought Thots, or Mindfuckers, or even BBE (Big Brain Energy). You’re smart. You’ll figure it out.
Form and functionality – these are the core factors that define any good product design! But this one innovator has us scratching our heads with his ingenious take on some problems we may or may not have, with solutions that are as innovative as the trouble itself! Meet Matt Benedetto, creator of the Unnecessary Inventions page on Instagram who creates solutions, from his recently viral Croc Gloves, a version of Thanos’s gauntlet that comes with sauces for all your chip dipping needs, to even a Pizza Fanny Pack, that to be honest, would be a fun carry-on for those days when you just need that slice of pizza to make everything better!
Crocs Gloves feature all the best things from the shoes, including that thick foam material and safety strap. Start getting all your household chores done in style.
Incognito Kicks lets you feel the ground beneath you where ever you go. Just slip on these comfortable loafers and enjoy the sensation of walking barefoot while maintaining the appearance of appropriate attire.
This Avengers-inspired Infinity Saucelet brings all your fast food dreams to life in one snap of your fingers. This extremely powerful gauntlet can wield the power of all of your favorite fast food sauces all at once. Cover everything in sauce… whatever it takes.
The Pizza FannyPack lets you carry your precious pizza, anywhere – anytime! Strap on our futuristic fanny pack that features two transparent pouches for your favorite slices on the go! The rugged waist strap has a high impact resistant buckle and reflector for a safe Pizza Party on the go.
Meet the TetherPods If you are sick and tired of your Apple AirPods always falling out or getting lost, then I have exciting news for you. Those issues are now a thing of a past with our signature iPhone Case that features an attached flexible cord that easily slides onto each AirPod. Always have a secure lifeline directly to your phone.
The UtilityNails are here for any home improvement job. Simply secure these rugged steel nails with superglue and have all your tools at the tips of your hands. It features wrenches, screwdrivers, and an Allen key!
The Digits Comb for the times you just don’t want to run your hands through your hair, simply use our silicone fingers comb. Breeze through your hair as if you would be doing it with your own hands to get each strand back in its place.
Scooter Computer Commuter lets you grab your electric scooter and get those TPS Reports done before you even get to work. This stand-up desk is designed specifically for your electric scooter to ensure you are making the best use of your time. Now back to work and don’t be late!
Wearing the FlopFlips means you can reverse your steps to ditch that stalker on the beach. These sandals feature a backward sole to ensure all your footprints always appear to be traveling the opposite direction you are walking.
With EyeWiped you can swish and say goodbye to those annoying raindrops on your sunglasses. Outfitted with water detecting sensors, automatically wipe away any water that gets onto your lenses when you are out and about. Finally no need to take your shades off during that class 5 hurricane.
The SockLocker is a solution for all who are sick and tired of always losing just one of your favorite socks! Completely turn your life around with our handy little sock storage device so you never misplace any of your precious socks. Three proprietary sock hangers are included to neatly and safely hang your sock collection.
Una vez quedé con un chico que me recogió en su coche mientras sonaba el CD de Maluma; ahí termina la historia. La música reguetón es una línea roja en cualquier primera cita. Se compara a que desprecien tu libro preferido, confiesen que no soportan a los animales, o pronuncien aquello de "ni feminismo, ni machismo, yo creo en la igualdad”. Durante esa primera cita tampoco se admiten llamadas de la ex, anécdotas sobre la ex, lo que sea de la ex. O peor, llamadas de la madre para comentar cómo ha ido el día. De esta primera impresión depende que haya una segunda, incluso una tercera, así que pasa de los temas escatológicos y, por lo que más quieras, mastica con la boca cerrada.
That was the subject line Tim Ellis used in his 2015 e-mail to billionaire investor and Dallas Mavericks owner Mark Cuban when he responded to invest in 3D rockets.
"He posts his email publicly for people to get in touch with him but I wasn’t expecting a response," Ellis, now 29, said in an interview with Business Insider. "I mentioned that I was from a town near him in Texas, that I had looked into the viability of 3D printing rockets and was looking for $100,000 in seed funding."
Cuban responded within five minutes.
Less than a week later, Cuban agreed to fund all $500,000 of the company’s seed round. Ellis, then 26, and cofounder Jordan Noone, used the money to start Relativity Space, and have subsequently raised $45 million in VC funding in just three years to 3D print rockets to go to Mars.
Relativity’s dreams were ready for lift off. The company has received funding from startup incubator Y Combinator and in just three years has followed that up with raises from Social Capital, and Playground Global.
"I heard that Cuban’s email was online from a friend at a party at university," Ellis added. "We wanted to catch his attention, and he’s invested in every one of our rounds since then. He knew we were young, but clearly had the credibility and expertise."
As an engineer at Jeff Bezos’s Blue Origin, Ellis spent additional time after work looking into the feasibility of 3D printing as another way to build complex rocket parts. Now, with fellow founder, and SpaceX alumnus, Noone, they aim to eventually automate manufacturing on Mars using 3D printing.
Relativity Space uses 3D printers for almost all — about 95% — of the components it needs to assemble a spacecraft. Currently it has printers in California but is planning a massive $59 million expansion to make a permanent manufacturing hub in Mississippi. The company claims to own the largest metal 3D printer in the world.
Ellis studied at the University of Southern California, majoring in aerospace engineering and is now the youngest member of the US Space Council, advising the president on space policy.
He says that the burden of getting to Mars shouldn’t be borne by Elon Musk’s SpaceX alone, and says it will fundamentally change the way humans think about existence.
Researchers at the University of Utah connected a prosthetic arm to neuromyoelectric implants so it moves with your thoughts. It’s called “LUKE Arm,” after Luke Skywalker’s robotic hand from “The Empire Strikes Back.” Read more…
Why break into a company’s network when you can just walk right in — literally?
Gone could be the days of having to find a zero-day vulnerability in a target’s website, or having to scramble for breached usernames and passwords to break through a company’s login pages. And certainly there will be no need to park outside a building and brute-force the Wi-Fi network password.
Just drop your exploit in the mail and let your friendly postal worker deliver it to your target’s door.
This newly named technique — dubbed “warshipping” — is not a new concept. Just think of the traditional Trojan horse rolling into the city of Troy, or when hackers drove up to TJX stores and stole customer data by breaking into the store’s Wi-Fi network. But security researchers at IBM’s X-Force Red say it’s a novel and effective way for an attacker to gain an initial foothold on a target’s network.
“It uses disposable, low cost and low power computers to remotely perform close-proximity attacks, regardless of the cyber criminal’s location,” wrote Charles Henderson, who heads up the IBM offensive operations unit.
A warshipping device. (Image: IBM/supplied)
The researchers developed a proof-of-concept device — the warship — which has a similar size to a small phone, into a package and dropped it off in the mail. The device, which cost about $100 to build, was equipped with a 3G-enabled modem, allowing it to be remote controlled so long as it had cell service. With its onboard wireless chip, the device would periodically scan for nearby networks — like most laptops do when they’re switched on — to track the location of the device in its parcel.
“Once we see that a warship has arrived at the target destination’s front door, mailroom or loading dock, we are able to remotely control the system and run tools to either passively, or actively, attack the target’s wireless access,” wrote Henderson.
Once the warship locates a Wi-Fi network from the mailroom or the recipient’s desk, it listens for wireless data packets it can use to break into the network. The warship listens for a handshake — the process of authorizing a user to log onto the Wi-Fi network — then sends that scrambled data back over the cellular network back to the attacker’s servers, which has far more processing power to crack the hash into a readable Wi-Fi password.
With access to the Wi-Fi network, the attacker can navigate through the company’s network, seeking out vulnerable systems and exposed data, and steal sensitive data or user passwords.
All of this done could be done covertly without anyone noticing — so long as nobody opens the parcel.
“Warshipping has all the characteristics to become a stealthy, effective insider threat — it’s cheap, disposable, and slides right under a targets’ nose –all while the attacker can be orchestrating their attack from the other side of the country,” said Henderson. “With the volume of packages that flow through a mailroom daily — whether it be supplies, gifts or employees’ personal purchases — and in certain seasons those numbers soar dramatically, no one ever thinks to second guess what a package is doing here.”
The team isn’t releasing proof-of-concept code as to not help attackers, but uses the technique as part of its customer penetration testing services — which help companies discover weak spots in their security posture.
“If we can educate a company about an attack vector like this, it dramatically reduces the likelihood of the success of it by criminals,” Henderson said.