alt Hacker NewsInteresting, but nothing new. Shodan users have known about clueless IP camera owners that leave their cameras on the public internet for years. This is a little more interesting because it's from a well-funded startup rather than independently owned Chinese IP cameras.
Searching for ALPR was also one of the popular early queries: https://github.com/jakejarvis/awesome-shodan-queries?tab=rea...
The old PIPS ALPR devices aren't online anymore but they had horrible security as well. Just sending a newline to their UDP port would cause them to send you all images as they were being collected in real-time - no authentication needed. And the images had the license plate information encoded in the JPG metadata. I did a talk about it at some point (https://imgur.com/HHcpJOr) and worked with EFF to take them offline