There is an ongoing effort by several government agencies to bring down Insecam.com, a web site that displays a database of insecure web cameras organized by location.
Insecam.com is a domain registered with GoDaddy, using their WHOIS proxy service; the domain forwards to Insecam.cc and the content is hosted on a server in Russia.
The web site’s owners have apparently scanned thousands of IP addresses for particular ports indicating the existence of a web-connected camera; some of these show kids’ beds or living quarters but the majority appear to be security cameras at offices, stores, gates and other businesses.
Many security camera owners that share content via the web, rarely change the default username and password, allowing for anyone with the particular IP address to snoop into everything the web camera sees!
As Insecam states:
“Sometimes administrator (possible you too) forgets to set the default password on security surveillance system, online camera or DVR. This site now contains access only to cameras without a password and it is fully legal. Such online cameras are available for all internet users. To browse cameras just select the country or camera type. This site has been designed in order to show the importance of the security settings. To remove your public camera from this site and make it private the only thing you need to do is to change your camera default password.”
Both GoDaddy and Verisign require a court subpoena in order to disable domains, and so far the web site Insecam.com appears to be active, although it often succumbs to traffic from the worldwide publicity and outrage.
Looks like they removed all the cameras…
James – Correct. He’s now looking for a job 😀