> and wonder if perhaps 99% of normies are just following the directions on the package of their $19 Chinese IP camera.

I doubt that the instructions for a cheap camera have enough information to walk a non-technical user through the process of setting up port forwarding on their specific router.

I could believe that it’s automatic port forwarding via UPnP for some of these cameras.

However a lot of them are from contractors who install the cameras for people as a service and this is the only way they know how to get them remote access. It’s the same reason different industrial controls and other machines keep getting exposed to the internet. Some installer with a git-er-done attitude knows their customer wants a solution to something (remote access) and they use the first technique they can find to accomplish that without any concern about what it means. They accomplish the thing the customer wants, collect payment, and disappear.

If the customer calls back with a complaint about it, the contractor will happily come visit the site and try to “fix” it for another fee.

If you’re thinking that this is a liability issue you’re not wrong, but in much of the world there is no realistic recourse. Most things like this are pure caveat emptor.

I'd also ask us tech savvy people to practice some humility.

Yes, the people setting up these cameras are not following security best practices. But are you sure that you will not make the same mistakes? Are you sure you have never exposed anything you should not have on the Internet, and never will, even as you age?

Let anyone among you who is without fumbling security be the first to throw a stone.

I still don’t understand how someone can end up accidentally exposing things to the public internet. With every ISP I have ever had in my country, it’s all NAT by default. Whatever I connect to my network, wired or wireless, would not be publicly accessible just like that unless I really really went out of my way to make it publicly accessible.

How do so many people end up exposing these cameras to the public internet? Are their ISPs not using NAT by default? Are the users jumping through hoops in order to open it up?

I see it more like that there are things you can do to make sure nobody else gets into your home, like locking the door.

If your door is unlocked, either through ignorance or negligence, it's still not right for someone else to just walk into your home and look through stuff you thought was private.

Sure, they can do it, but just being able to easily do something doesn't make it right.

Telescope is a bad analogy. This is more like the neighbor is inadvertently projecting a feed from inside their house onto a display outside by the sidewalk for any passers-by to see.

What could go possibly go wrong with “point and shoot”?

> There's also a difference between your neighbor not closing her blinds and you using a telescope to look inside her apartment, which is what sites like this are.

How else are things supposed to change. Hopefully this will embarrass some oligarch enough to force companies to close their loopholes.

99.9% of normies have a router NATing all their traffic

It takes active effort to expose a camera publicly