> As a rule of thumb, if you believe that "nobody would connect that to the Internet, really nobody", there are at least 1000 people who did.
nik282000 2 hours ago [-]
So many SCADA terminals and HMIs just hangin out on the internet.
preisschild 1 hours ago [-]
Connect it but make sure authorization is actually secure
nullsanity 28 minutes ago [-]
[dead]
djeastm 5 minutes ago [-]
I think the author of the website should next work on some kind of alerting system for the owners of these webcams to let them know they're exposed and how to make them private.
Then everyone could get what they want: voyeurs can watch exhibitionists like God intended.
This website---naturally, I think---weirds me out. Many of these cameras are in private spaces, with some places you most certainly don't want people to have live feeds of. It's quite disturbing how you can see personal snapshots of people's lives without them knowing. There's a perverse feeling of dread about being able to see into someone's life and being able to paradoxically watch someone eat dinner alone, seemingly so detatched from human connection even with someone watching like some kind of otherworldly spectator.
ryandrake 28 minutes ago [-]
Every consumer tech company I’ve worked for had at least one guy who was a PM or a PM like role, who would say things like “InfoSec UX is confusing! Users don’t want to deal with IP addresses and firewalls and passwords and keys. We need to make the product easier to share by default!” This scenario seems to be what happens when anyone actually listens to That Guy.
Sharing on the internet should be one of the hardest things to do in your product. You need to make enough friction that the user can never do it by accident or by default. And the user should be warned at every step.
mmooss 18 minutes ago [-]
The answer is to make sharing secure, easy, and with informed consent. The answer is not to impose IP addresses, NAT routing, keys, etc. so that only technical people can give their consent.
dotancohen 15 minutes ago [-]
How _does_ it work then, without imposing IP addresses, NAT routing, keys, etc?
mmooss 10 minutes ago [-]
One method (for many trans-NAT routing issues) is the manufacturer provides a proxy on the Internet, creates a secure connection between camera and proxy (controlling both ends, they should be able to navigate NAT issues, etc.), and then securely publishes the video. The manufacturer could encrypt the video E2E so they can't see it. This also hides the camera's location and IP.
All with informed consent of course.
Edit: Come to think of it, video chat apps (WhatsApp, Signal, etc.) seem to do this, at least sometimes.
nik282000 2 hours ago [-]
If the room has an IP camera in it, it is by definition not private. Since cheap cameras have begun to appear everywhere I treat them all as if they were publicly viewable. I'm not going to hide from them, but I save my more thorough ear cleanings and ass scratchings for home.
AlecSchueler 1 hours ago [-]
> If the room has an IP camera in it, it is by definition not private.
While right, there are multiple definitions of "private" and for others OP's point still stands.
jubilanti 1 hours ago [-]
> If the room has an IP camera in it, it is by definition not private.
No. No. No. No. No. No. No. No. No.
So if I put an IP camera inside your bedroom without your notice or consent, and hook that up to the Internet, you'd be okay with that? Because it's public!
A lot of these are probably from default or misconfigurations. A lot of these people with IP cam feeds visible to the Internet probably do not know they are open.
anakaine 53 minutes ago [-]
You've read the comment the wrong way.
The intent was to say "You cannot call a space private if it has a networked camera in it." Not "only a public space can host a camera".
jubilanti 49 minutes ago [-]
I know what the comment said, thank you very much. They were conflating two senses of 'public' in two sentences. I was responding to the implication that because these are, in one sense of the word, public, that means that it is OK to treat them as if they are public in a different sense of the term.
This:
> If the room has an IP camera in it, it is by definition not private.
Does not necessarily mean this:
> Since cheap cameras have begun to appear everywhere I treat them all as if they were publicly viewable.
The implication is that if someone misconfigured or otherwise didn't know their camera was broadcasting to the world, anyone is morally and legally correct in doing whatever they want with it, and it is their fault because it is "public". That is wrong.
mewpmewp2 27 minutes ago [-]
> anyone is morally and legally correct
I think it's more so similar to that if you leave something shiny and expensive in a visible position in a car in a neighborhood known for high rate of thievery there are good odds of your stuff being stolen. They are not claiming that the thieves are morally or legally correct.
dotancohen 11 minutes ago [-]
I agree with you.
That said, there are many people for whom "blaming the victim" is forbidden at all costs, and thus don't seem to have the facility to understand not making oneself a target. I suspect that you are replying to somebody possibly like that.
throw310822 46 minutes ago [-]
Ok. The original commenter said:
> "Many of these cameras are in private spaces"
To which the gp answered
> It's not private if it has a ip cam in it
So what? Either he meant to contradict the op (and then it's correct to push back), or this is an entirely superfluous comment given they both understand what the problem is.
hammock 35 minutes ago [-]
It’s not superfluous. It’s saying “it’s unsafe to assume any space is private.”
rolph 1 hours ago [-]
possibilities exist.
a] they may be exhibitionists
b] they dont realise they are misconfigured
c] someone hacked them to whatever end
d] they are doing nothing wrong thus believe they have nothing to hide.
fhdkweig 58 minutes ago [-]
Or they don't even know the camera is there. I've heard of landlords doing that in tenant's private spaces, including bathrooms. When caught, they like to claim they are just keeping an eye on the property, but everyone knows they are just perverts.
3 minutes ago [-]
QuantumNomad_ 1 hours ago [-]
Hehe, this one has a feeding tray with a novelty sign on it:
> Baiting deer is illegal!
> This corn pile is intended for squirrels, chipmunks, and other such critters.
That is clever! If the guy does get caught hunting deer in that immediate area, I wonder if this could be used against him.
bewal416 40 minutes ago [-]
All these “is this ethical” comments remind of similar discussions happening in the IMG_0416 articles, about YouTube video that were most likely not meant to be scene publicly: https://news.ycombinator.com/item?id=42102506
PhilipRoman 17 minutes ago [-]
Hah, someone from UK seems to have a camera pointing to his cannabis plants... Hopefully the guy has a "loicense" for that, otherwise it would be a hilarious way to get busted
elliotbnvl 2 hours ago [-]
Definitely an invasion of privacy. I can’t visit this website in good faith. It should be taken down.
The point is valuable, and the mission is important, but the ends do not justify the means. If this must be shared, at least use static pictures and don’t stream the content for viewers.
nik282000 2 hours ago [-]
Yes and no? The owners of these devices made them publicly available by design or through ignorance. While they should be notified of their (maybe) mistake, it's no different from a person who doesn't understand that their neighbours can see into an open window at night.
Should Shodan be taken down because it can search for these devices? What about Google because it can find admin consoles?
IanCal 54 minutes ago [-]
> it's no different from a person who doesn't understand that their neighbours can see into an open window at night.
And standing out in the street staring through with binoculars is still wrong and creepy.
> Should Shodan be taken down because it can search for these devices? What about Google because it can find admin consoles?
It’s not a new idea, nor that controversial, that we restrict things specifically aimed at doing something rather than ones just capable of it.
gblargg 1 hours ago [-]
The site even lets you see if any of your cameras are exposed, where it switches to a map view and shows any near you.
nik282000 1 hours ago [-]
I know that my cameras are behind an auth layer but, as it is painfully obvious here, many people do not. A 'check my cameras' feature is a nice way to find out if you messed up.
imglorp 40 minutes ago [-]
It's not the site's fault.
These things are open server ports on the wild internet. Anyone with a "for" loop can find them easily. If they care about privacy they shouldn't have them public.
mike_hock 6 minutes ago [-]
No, the world's job is not to make itself safe for you if you don't give a crap.
If you roll your eyes at the thought of having to manage credentials or refuse to learn how the internet works on a basic level, you're not fit to set up devices connected to the internet.
Secure your shit or don't play with technology you can't handle.
Mistletoe 1 hours ago [-]
I think the website is kind of awesome. If you put a window in your home and opened it to the world is it wrong to look through the window? If someone installed the camera and didn’t understand what they are doing that is on them.
IanCal 53 minutes ago [-]
If you’re aware the person wouldn’t want you to do that, yes it’s wrong. Being able to do something is not the same as it being right to do something.
qotgalaxy 1 hours ago [-]
[dead]
mannanj 1 hours ago [-]
Do you feel this is true for government agencies too?
nik282000 26 minutes ago [-]
If I set up a camera in my money laundering room and put it online, I would not fault a government from using it against me. If they bruteforced a password or used some undisclosed zeroday then I might take issue.
eszed 48 minutes ago [-]
Hell, yes. (Not GP.)
applicative 37 minutes ago [-]
I thought it all had to be fake but, thinking it would be innocent, did watch what seems to have been the priests’s concluding procession for 430 Saturday vigil at St Martin of Tours in Louisville which I had to labor a bit to identify At first I thought ‘who goes to church Saturday afternoon’ - and not a bad crowd for Louisville on a Saturday afternoon. God knows how such a thing turns up.
40 minutes ago [-]
johnmkane 1 hours ago [-]
I feel like a small group of Geo Guesser pros could organize a nice competition for them selves and at the same time make a big service to lots of people.
davidvaughan 2 hours ago [-]
Droitwich, UK, is a bit revealing.
realty_geek 1 hours ago [-]
Seems a bit shifty to be honest...
What is the goal?
And they've created a reddit page specifically for this!
dbmikus 2 hours ago [-]
Really freaky seeing how many of these are bedrooms.
himata4113 2 hours ago [-]
So that's where all of that footage came from on **** leak. I mean I knew it was bad, but there's just so many and it is 2026.
nik282000 1 hours ago [-]
Lazy manufactures and ignorant users are responsible for the majority of this nonsense.
fuzzfactor 9 minutes ago [-]
Some people just want to use an app to see what their pets are doing when they are not home.
Without realizing that the entire world can see what the owners are doing when they are at home. Without using any special app at all.
Bender 1 hours ago [-]
Could be some oopsie did I accidentally expose myself? exhibitionists.
jrochkind1 38 minutes ago [-]
What, no plotting on a map?
fuzzfactor 22 minutes ago [-]
There's a number of streams from resorts and swimming pools, may be a good idea in case kids get into trouble around the water.
Adults too, if you had a pool like this wouldn't everybody want to share their "sex pool party cam"?
Imagine if someone put plausible but strange/shocking fake videos on an open port for the voyeurs to think real and freak out about.
nemothekid 1 hours ago [-]
Off topic: Is there anyone doing any research on how to use Claude/Agents to design websites that don't look so, "Claude"?
djeastm 7 minutes ago [-]
I don't think it needs research the person developing just has to care what the website looks like. A lot of people just want functionality. But there are also pre-made front-end skills that do a lot of that front-end "taste" legwork for you (still obviously pre-made, but not in the default Claude look)
chickensong 33 minutes ago [-]
No research needed, just use the tool differently.
alexpotato 1 hours ago [-]
People always say that LLMs design websites/write text/produce code that is the same.
I don't really understand this b/c it's trivial to say "write me a letter in the style of <famous letter writer A> mixed with the style of "<famous letter writer B>"
Or
"Here are some examples websites, make a new website that is a remix of all of the example sites".
You would be surprised at the results.
morkalork 1 hours ago [-]
Maybe ask Claude how to keep the site up before doing a redesign of the UI...
andrewstuart 47 minutes ago [-]
“Give 20 different designs all must be distinct unique and not look averaged like a typical LLM site”
nik282000 1 hours ago [-]
You should ask Claude and see how many kWh and gallons it can use up to hallucinate an answer.
cwillu 55 minutes ago [-]
Assuming a stack of H100's is required for the size of the model, about 66 kilojoules. It's okay, I'll offset it by eating a cold sandwich tonight instead of boiling water for spaghetti, and then I'll be good for a dozen such conversations.
mewpmewp2 24 minutes ago [-]
This is precisely why I never heat my food and consume caffeine pills instead of coffee.
> As a rule of thumb, if you believe that "nobody would connect that to the Internet, really nobody", there are at least 1000 people who did.
Then everyone could get what they want: voyeurs can watch exhibitionists like God intended.
Sharing on the internet should be one of the hardest things to do in your product. You need to make enough friction that the user can never do it by accident or by default. And the user should be warned at every step.
All with informed consent of course.
Edit: Come to think of it, video chat apps (WhatsApp, Signal, etc.) seem to do this, at least sometimes.
While right, there are multiple definitions of "private" and for others OP's point still stands.
No. No. No. No. No. No. No. No. No.
So if I put an IP camera inside your bedroom without your notice or consent, and hook that up to the Internet, you'd be okay with that? Because it's public!
A lot of these are probably from default or misconfigurations. A lot of these people with IP cam feeds visible to the Internet probably do not know they are open.
The intent was to say "You cannot call a space private if it has a networked camera in it." Not "only a public space can host a camera".
This:
> If the room has an IP camera in it, it is by definition not private.
Does not necessarily mean this:
> Since cheap cameras have begun to appear everywhere I treat them all as if they were publicly viewable.
The implication is that if someone misconfigured or otherwise didn't know their camera was broadcasting to the world, anyone is morally and legally correct in doing whatever they want with it, and it is their fault because it is "public". That is wrong.
I think it's more so similar to that if you leave something shiny and expensive in a visible position in a car in a neighborhood known for high rate of thievery there are good odds of your stuff being stolen. They are not claiming that the thieves are morally or legally correct.
That said, there are many people for whom "blaming the victim" is forbidden at all costs, and thus don't seem to have the facility to understand not making oneself a target. I suspect that you are replying to somebody possibly like that.
> "Many of these cameras are in private spaces"
To which the gp answered
> It's not private if it has a ip cam in it
So what? Either he meant to contradict the op (and then it's correct to push back), or this is an entirely superfluous comment given they both understand what the problem is.
a] they may be exhibitionists
b] they dont realise they are misconfigured
c] someone hacked them to whatever end
d] they are doing nothing wrong thus believe they have nothing to hide.
> Baiting deer is illegal!
> This corn pile is intended for squirrels, chipmunks, and other such critters.
> Any deer found eating this corn will be shot!
https://ipcrawl.com/fun/c/373ef0178c5281a5
The point is valuable, and the mission is important, but the ends do not justify the means. If this must be shared, at least use static pictures and don’t stream the content for viewers.
Should Shodan be taken down because it can search for these devices? What about Google because it can find admin consoles?
And standing out in the street staring through with binoculars is still wrong and creepy.
> Should Shodan be taken down because it can search for these devices? What about Google because it can find admin consoles?
It’s not a new idea, nor that controversial, that we restrict things specifically aimed at doing something rather than ones just capable of it.
These things are open server ports on the wild internet. Anyone with a "for" loop can find them easily. If they care about privacy they shouldn't have them public.
If you roll your eyes at the thought of having to manage credentials or refuse to learn how the internet works on a basic level, you're not fit to set up devices connected to the internet.
Secure your shit or don't play with technology you can't handle.
What is the goal?
And they've created a reddit page specifically for this!
Without realizing that the entire world can see what the owners are doing when they are at home. Without using any special app at all.
Adults too, if you had a pool like this wouldn't everybody want to share their "sex pool party cam"?
https://ipcrawl.com/?page=7&cam=398d4f57a3155d42
I don't really understand this b/c it's trivial to say "write me a letter in the style of <famous letter writer A> mixed with the style of "<famous letter writer B>"
Or
"Here are some examples websites, make a new website that is a remix of all of the example sites".
You would be surprised at the results.