| ▲ | naturalmovement 4 hours ago |
| Everyone: For a moment forget everything you know about computers and wonder if perhaps 99% of normies are just following the directions on the package of their $19 Chinese IP camera. They have no idea what a firewall is, or what the "public internet" even means. There's also a difference between your neighbor not closing her blinds and you using a telescope to look inside her apartment, which is what sites like this are. |
|
| ▲ | Aurornis 3 hours ago | parent | next [-] |
| > and wonder if perhaps 99% of normies are just following the directions on the package of their $19 Chinese IP camera. I doubt that the instructions for a cheap camera have enough information to walk a non-technical user through the process of setting up port forwarding on their specific router. I could believe that it’s automatic port forwarding via UPnP for some of these cameras. However a lot of them are from contractors who install the cameras for people as a service and this is the only way they know how to get them remote access. It’s the same reason different industrial controls and other machines keep getting exposed to the internet. Some installer with a git-er-done attitude knows their customer wants a solution to something (remote access) and they use the first technique they can find to accomplish that without any concern about what it means. They accomplish the thing the customer wants, collect payment, and disappear. If the customer calls back with a complaint about it, the contractor will happily come visit the site and try to “fix” it for another fee. If you’re thinking that this is a liability issue you’re not wrong, but in much of the world there is no realistic recourse. Most things like this are pure caveat emptor. |
| |
| ▲ | naturalmovement 3 hours ago | parent [-] | | Most CCTV contractors are not network security experts. Most network security experts would quit before ever entering a hot attic. So Cletus the CCTV guy who just spent 8 hours crawling through drop ceilings with a mask on, does a super-clean install, and sets it up as well as he knows how. Which is "good enough" — it works and he's off to the next job. The customer's happy and he gets paid. Now which one of you network security guys is going to give up his cushy WFH job to go make house calls for CCTV wages? | | |
| ▲ | fragmede 2 hours ago | parent [-] | | Sir. This is capitalism. What you do is start a company selling secure webcams and hire Cletus to install camera you buy in bulk with your firmware on it, sell the customer a cloud service, and also hire black hat Kevin with cash to expose Cletus's sloppy business practices to bring in customers who are scared into using your service. Also, get money from the government to provide footage to them for "public safety". Just be sure to underpay your techs who actually do the work, err I mean crawl around customer houses. Cletus is free to get a bank loan and mortgage his house to give it a try as well, though he doesn't have a decade of FAANG employment money to lean on, what he does have is experience with customers and crawling around houses. |
|
|
|
| ▲ | pibaker 2 hours ago | parent | prev | next [-] |
| I'd also ask us tech savvy people to practice some humility. Yes, the people setting up these cameras are not following security best practices. But are you sure that you will not make the same mistakes? Are you sure you have never exposed anything you should not have on the Internet, and never will, even as you age? Let anyone among you who is without fumbling security be the first to throw a stone. |
| |
| ▲ | mordechai9000 an hour ago | parent | next [-] | | I worked for a small, local ISP in the mid 2000s. I don't think I made any stupid mistakes on my part, but I had plenty of coworkers who did. To be fair, people were often actively hostile to security concerns back then. It's not much better now, but at least not everything gets a public IP by default. | |
| ▲ | bluefirebrand an hour ago | parent | prev | next [-] | | Personally, I'm not a security expert. I've worked in web for near 20 years, on some reasonably large network projects so I've picked up things here and there, but I still defer to our actual security experts when we roll things out That said, I'm not 100% convinced I could set up a webcam streaming online without accidentally exposing it to the wider internet. Maybe 95% sure? But if even I couldn't guarantee it, what chance does your average joe who mostly only uses his computer for netflix have? | |
| ▲ | NamlchakKhandro 2 hours ago | parent | prev | next [-] | | pfffa haha, i don't drink instant coffee and am not religious, therefore am intellectually god like compared to <insert group i'm objectifying today> | |
| ▲ | cindyllm 30 minutes ago | parent | prev [-] | | [dead] |
|
|
| ▲ | QuantumNomad_ 4 hours ago | parent | prev | next [-] |
| I still don’t understand how someone can end up accidentally exposing things to the public internet. With every ISP I have ever had in my country, it’s all NAT by default. Whatever I connect to my network, wired or wireless, would not be publicly accessible just like that unless I really really went out of my way to make it publicly accessible. How do so many people end up exposing these cameras to the public internet? Are their ISPs not using NAT by default? Are the users jumping through hoops in order to open it up? |
| |
| ▲ | 1e1a 3 hours ago | parent | next [-] | | Many consumer routers allow any connected device to configure port forwarding using UPnP. If you want, you can play around with this using a client such as miniupnpc's example client. | |
| ▲ | fc417fc802 3 hours ago | parent | prev | next [-] | | Is your ISP doing CGNAT? At least in the US that's not the norm. Most people have publicly routable IPv4 addresses (even if they rotate somewhat frequently) and most routers are configured to support UPnP out of the box. This is an example of everything working as intended. The cameras are supposed to be accessable when you're not at home. Of course the cameras ought to ship with randomized default auth on a sticker attached to the unit the same way any half decent router does these days but they don't. | |
| ▲ | 31 minutes ago | parent | prev | next [-] | | [deleted] | |
| ▲ | Phil_Latio 4 hours ago | parent | prev | next [-] | | UPnP is not disabled by default on all routers, especially older ones. So devices may just try to port-forward certain control or media ports. | |
| ▲ | bbor 2 hours ago | parent | prev [-] | | These are cameras sold specifically to be available over the open internet, I guess. |
|
|
| ▲ | My_Name 3 hours ago | parent | prev | next [-] |
| I see it more like that there are things you can do to make sure nobody else gets into your home, like locking the door. If your door is unlocked, either through ignorance or negligence, it's still not right for someone else to just walk into your home and look through stuff you thought was private. Sure, they can do it, but just being able to easily do something doesn't make it right. |
| |
| ▲ | pibaker 2 hours ago | parent [-] | | You'll be surprised by the number of people who thinks if you leave your internet door unlocked then your internet belongings are free to take. There is someone in this very thread arguing that having an internet enable camera in your home turns your home into a public place. It is also funny, and depressing that many of the same people who think might makes right on the internet ends up lamenting how fucked up life is in their low trust societies, when their mindset is exactly what makes a high trust society — you know, the ones where people don't lock doors — impossible. |
|
|
| ▲ | ryandrake 4 hours ago | parent | prev | next [-] |
| Telescope is a bad analogy. This is more like the neighbor is inadvertently projecting a feed from inside their house onto a display outside by the sidewalk for any passers-by to see. |
| |
| ▲ | vineyardmike 4 hours ago | parent | next [-] | | No. This isn’t a passive “walked by the window” thing that you might have unwittingly viewed. To actively search for open cameras by crawling every IP then creating a tool to see them, then choosing to watch the footage is a very active, deliberate choice. No one is viewing this footage without making a multi-step choice to view it. | | |
| ▲ | fc417fc802 3 hours ago | parent [-] | | Don't confuse the creators and maintainers with people who click on a link out of curiosity. I also briefly "walked by the window" glancing at cats using automated feeders in china when someone posted that page to HN recently. I'm surprised this is still a thing though. I remember being shocked when I came across an extensive feed of these inadvertently pubic CCTV feeds ~15 years ago. I had assumed it was no longer a problem. |
| |
| ▲ | ben_w 3 hours ago | parent | prev | next [-] | | Everything is a bad analogy, because the internet has something like 6 billion of us on it these days. We evolved for small tribes, e.g. Dunbar's number is ~150. Roughly 1/129 of the people on the internet are software developers, so in the days of everyone living in villages your in-group would include roughly one person who thinks like we think. "Inadvertently live-streaming to the 1/129 of the world who consider searches like this to be trivial, with zero feedback unless you found your home accidentally went viral" is not like anything we otherwise experience. If anything, projecting onto a nearby sidewalk as you describe is more like "I was bathing after my day's work scribing for the king and wouldn't you know it, that 𒈗𒍠𒄀𒋛 living by the temple decided to walk right in and say hi! Doesn't even think to knock, just opened my front door and walked right in.", while the closest thing you can find to accidental live webcams in old writing is gods spying on mortals for fun, making us the Anansi, the Loki, the Eshu. And for the furries, the Coyote. | | |
| ▲ | cwmoore an hour ago | parent [-] | | “Everything is a bad analogy” is a beautiful observation——like Plato’s Cave. |
| |
| ▲ | functionmouse 4 hours ago | parent | prev | next [-] | | No, it really isn't... | |
| ▲ | what 4 hours ago | parent | prev [-] | | Not really? It’s just like not closing your blinds and being shocked that people on the street can see you. | | |
| ▲ | fc417fc802 2 hours ago | parent [-] | | Not closing the blinds on the window you can't see that looks out onto an invisible street that only exists from your perspective as some sort of abstract concept. Also your "window" isn't readily visible from a distance someone has to go stumbling around in the dark and find it by physically running into it. In other news I'm considering developing a new app and was wondering about VC funding. It's for mapping out ladders adjacent to windows down back alleys. I think it would dovetail well with nipalert. |
|
|
|
| ▲ | 22 minutes ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | cwmoore an hour ago | parent | prev | next [-] |
| What could go possibly go wrong with “point and shoot”? |
|
| ▲ | barbazoo an hour ago | parent | prev | next [-] |
| > There's also a difference between your neighbor not closing her blinds and you using a telescope to look inside her apartment, which is what sites like this are. How else are things supposed to change. Hopefully this will embarrass some oligarch enough to force companies to close their loopholes. |
|
| ▲ | wyager 4 hours ago | parent | prev [-] |
| 99.9% of normies have a router NATing all their traffic It takes active effort to expose a camera publicly |
| |
