I made some thoughts about the security of ip camera systems.
There are nowadays even cameras which doesn’t offer https. There you can fetch the stream easily.
Some camera producers give all of the cameras the same ssl certificates.
If you buy one of those and copy the private key you can decrypt the traffic of every ip camera which is the same model.
Some other producers use wildcard certificates for a specific domain so there you have also the decryption key.
Many cameras don’t have the feature to implement own ssl certificates so this a big problem. Some nerds use a webserver as a reverse proxy with their own ssl certificates to secure cameras which are „available“ through the internet 😀
How to find unsecured surveillance cameras
I personally use zoneminder as a surveillance system.
The HTTP title of this software is like „ZM – Console“ or „ZoneMinder Console“. If you search in google exactly this pattern (with quotes) you can find a lot of unsecured surveillance cameras which are public available through the internet.
You can try it out with other security system if you know the HTTP title.
Just three or four clicks and you can secure zoneminder with a username and a password. If you don’t trust the security of zoneminder (bruteforce) you can even set a password in your webserver vhost (htpasswd) and install fail2ban which detects and bans bruteforce. But i think those persons are to lazy to deal with the security of those surveillance camera systems.