Flock Exposed Its AI-Powered Cameras to the Internet. 404 Media Tracked Themselves.

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨tonytins@pawb.social⁩ to ⁨technology@lemmy.world⁩

https://www.404media.co/flock-exposed-its-ai-powered-cameras-to-the-internet-we-tracked-ourselves/

I am standing on the corner of Harris Road and Young Street outside of the Crossroads Business Park in Bakersfield, California, looking up at a Flock surveillance camera bolted high above a traffic signal. On my phone, I am watching myself in real time as the camera records and livestreams me—without any password or login—to the open internet. I wander into the intersection, stare at the camera and wave. On the livestream, I can see myself clearly. Hundreds of miles away, my colleagues are remotely watching me too through the exposed feed.

Flock left livestreams and administrator control panels for at least 60 of its AI-enabled Condor cameras around the country exposed to the open internet, where anyone could watch them, download 30 days worth of video archive, and change settings, see log files, and run diagnostics.

Archive: archive.today/IWMKe

source

Comments

Sort:hotnew top

HootinNHollerin@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
Tear em down

source
- perishthethought@piefed.social ⁨3⁩ ⁨weeks⁩ ago
  Or like someone in Hacker News comm suggested, use this to track a US Senator for 24 hours, make it all public, then see if they’re still OK with this…
  
  source
  - talentedkiwi@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
    They’ll just make it illegal for just them. Like the Internet privacy
    
    source
    -> View More Comments
  - JustARegularNerd@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
    Hacker News Thread: news.ycombinator.com/item?id=46355548
    
    source
    -> View More Comments
  - django@discuss.tchncs.de ⁨3⁩ ⁨weeks⁩ ago
    This is the way.
    
    source
  - ulterno@programming.dev ⁨3⁩ ⁨weeks⁩ ago
    Might as well use it to track ICE
    
    source
  - anomnom@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
    Do a SCROTUM and find out of they’re still sending people to SECOT.
    
    source
  - Vex_Detrause@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago
    I feel like this is being done now but by the ‘adversaries’ that would love to keep the vulnerabilities a secret they can exploit later.
    
    source
    -> View More Comments
- a_jackal@pawb.social ⁨3⁩ ⁨weeks⁩ ago
  Or point a very powerful laser at them
  
  source
ksigley@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
I do not consent.

source
archchan@lemmy.ml ⁨3⁩ ⁨weeks⁩ ago
The idea that you’re somehow not entitled to privacy based on the publicity of a space has got to be one of the most successful propaganda campaigns used to strip privacy against the will of people.

Fuck you, I want to take a walk and generally travel freely without being tracked by some fucking “Flock” or Ring camera, or uploaded unblurred to some randos Instagram where Meta and Clearview will train facial recognition and generative AI, or having my entire life story and biometric data collected at some airport.

Take me back to the thousands of years humanity existed without obscenely invasive tech.

source
- vacuumflower@lemmy.sdf.org ⁨3⁩ ⁨weeks⁩ ago
  It’s the “common sense” part of the laws.
  
  A honest person has right to live without being tracked. You shouldn’t care how they’ll do it and you shouldn’t care if they go out of business.
  
  And of course you shouldn’t fear to be public about it and demand answers, LOL, the most notable for me personally part about today’s politics is that in English-speaking countries that fear seems to have become a thing. Well, because any protest that’s more than a demonstration is becoming dangerous and costly.
  
  While literal legalism always helps tyranny.
  
  It’s not much different from USSR in the 70s and 80s, “yeah, you can have all your rights, a defendant and all, and correspondence and you won’t be tortured for submitting a complaint, and Soviet laws will be followed to the letter, but good luck, prove you’re not a camel”.
  
  Since USSR and western nations no longer exist in the same time period, it’s easy to discard even the thought that the latter are gradually becoming similar to the former in some regards, and might even overshoot it.
  
  Anyway, I live in Russia, here things are for the last few months at the point where I can get jailed for writing even this, just because. LOL again.
  
  source
  - Ledivin@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    
    A honest person has right to live without being tracked.
    
    The implied corrolary here is that a dishonest person doesn’t have this right? How is one determined to be dishonest?
    
    source
    -> View More Comments
- ulterno@programming.dev ⁨3⁩ ⁨weeks⁩ ago
  I’m pretty sure that the “non entitled to privacy” part was not about getting organisationally stalked, but that if someone were to randomly take a picture outside and post it somewhere, then you don’t get to make them take down photos.
  Also, if you are creating a scene in public, other get to film you as they get to see you.
  
  This is not a problem about privacy in public. This is a problem of:
  
  organisational stalking
  
  misrepresentation of actions
  
  shirking accountability and responsibility
  
  source
- scarabic@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
  It reminds me a little of Game of Thrones, where all the major players, the royals etc all have spy networks. This is a world where very poor peasants and servants are everywhere and many of them, including children, end up in the employ of this person or that person, such that one’s movements and meetings are trackable to a minute degree. The better your spy network, the more power you have.
  
  Of course Varys, spymaster to the crown, is famed for the effectiveness of his network, which spans the continent and even across the sea to other major cities.
  
  He himself is a master of disguise. This was left out of the show entirely but he frequently appears by surprise, whipping off the guise of an d woman and later leaving the scene dressed as a priest, etc. He grew up with actors and uses makeup, and costume changes to hide his tracks. He can change his voice and gait at will and routinely shocks people by his ability to blend in and appear or disappear at will.
  
  Basically, in a world with no privacy, the world’s foremost surveillance master is a model for all of us in these times. If you want to move freely in public but do so without a trace, be prepared to pull your hood up and when you leave a restaurant, take off the sweater you were wearing when you went in. Practice different postures to throw off gait tracking.
  
  You don’t have to like it, but this is the world we live in.
  
  source
baggachipz@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
Image

source
- AtariDump@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  Image
  
  source
  - Makhno@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    Original is better
    
    source
    -> View More Comments
  - _g_be@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    I swear to God if this is AI upscaled
    
    source
ArmchairAce1944@discuss.online ⁨3⁩ ⁨weeks⁩ ago
Again? How insecure are these things? I am honestly wondering how easy it would be to get into one and shut down the entire system.

source
- Dogiedog64@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  It’s obvious that these guys are fucking amateur hour Techbros, running this shitshow as they have. I don’t doubt they’re underpaying and undertraining the contractors they hire to install these things.
  
  source
  - TheOakTree@lemmy.zip ⁨3⁩ ⁨weeks⁩ ago
    If anything, they might have written most of the infrastructure using LLMs. It’s easier for vibecode to forget about security because LLMs often forget context or hyperfixate on the wrong features.
    
    source
- thethunderwolf@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
  Install a hardware-frying virus on it
  
  source
  - ArmchairAce1944@discuss.online ⁨3⁩ ⁨weeks⁩ ago
    I studied coding for a while (and it has been a while since I punched in code), but I never coded a virus. I am hesitant to ask an LLM to do it since I have no idea if it’ll work, and I also need to test it to see if it works first. Not sure if I have any sacrificial electronics to do that.
    
    source
    -> View More Comments
excursion22@piefed.ca ⁨3⁩ ⁨weeks⁩ ago
Benn Jordan did a recent video on his…explorations of Flock cameras. Essentially, they’re easily hackable and really should be an urgent matter of national security.

source
- NikkiDimes@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  Dude, he just released another one where they accessed dozens of real, currently in use cameras. They didn’t even “hack” them, they just used a search engine to find publicly exposed cameras, opened their unsecured internal web panel, and could download and view any footage over the past 31 days.
  
  Truly wild.
  
  source
  - Bytemeister@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    Reading flock their own response about their security and recording it via one of their active and installed cameras was fucking great. I mean, it was nightmare shit, but at a certain point, you have to appreciate the irony.
    
    source
    -> View More Comments
  - Evotech@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    Yeah he is working with 404 media
    
    source
  - thermal_shock@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    All that and they can’t catch real criminals, got a harass “illegals” and law a using citizens for speeding a little.
    
    source
    -> View More Comments
  - tooclose104@lemmy.ca ⁨2⁩ ⁨weeks⁩ ago
    This only serves to justify my secret low key paranoia that my like is like The Truman Show… I wish my parents were better about limiting some of the movies I was allowed to watch growing up… Arachnophobia was another lasting damage banger…
    
    source
- MisterFrog@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  You can bet your ass foreign spy agencies are laughing their arses off about this as they track whatever targets they like
  
  source
BanMe@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
I was living in a 10th story penthouse apartment as a new building started beside us. The contractor put a webcam high up on the structure so people could watch construction live on a website. They left the control panel fully exposed so all you had to do was find the IP address of the camera and boom, you had full control. I would point it directly at my apartment’s window and wave, or my friends would do silly shit. Every morning the cam would be reset, but they never actually secured it. That’s when I realized how fucked we were, 20 years ago.

source
- LunaChocken@programming.dev ⁨3⁩ ⁨weeks⁩ ago
  I wouldn’t be surprised if it got found by Shodan, which scans the entire internet, indexes it and is easily searchable.
  
  There’s actually quite a few open webcams on the internet that shouldn’t be.
  
  github.com/00xNetrunner/Shodan_Cheet-Sheet
  
  source
baller_w@lemmy.zip ⁨3⁩ ⁨weeks⁩ ago
Benn Jordan did a great video on this: youtu.be/vU1-uiUlHTo

source
- CmdrShepard49@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
  He co-released a video with 404Media on this new dystopian finding today as well.
  
  source
W3dd1e@lemmy.zip ⁨3⁩ ⁨weeks⁩ ago
A city in the KC Metro just signed a contract with Flock for drone cameras. Fuck that Big Brother bullshit.

source
- Tollana1234567@lemmy.today ⁨3⁩ ⁨weeks⁩ ago
  red light companies most likely use some form of AI/facial recognition.
  
  source
ssfckdt@lemmy.blahaj.zone ⁨3⁩ ⁨weeks⁩ ago
I seem to recall an early 00s screen, perhaps by Bruce Schneier or someone of that ilk, suggesting a future in which yes we have surveillance in the public square, but since it’s public, everyone has full access to all the public-place cameras at any time. So you could use it to, say, see around the corner of an alley at night.

source
- noahm@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  That was David Brin in The Transparent Society. He has continued to riff on the theme periodically since then.
  
  source
twelvety@fedia.io ⁨3⁩ ⁨weeks⁩ ago
Um, so? What am I missing here? You're in a public place with no expectation of privacy.

Public streaming webcams have been a thing for three decades. There's even an entire Geocaching category where you must be captured to prove you were there.

source
- DeathByBigSad@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
  This is ai-tracking is equivalent to having a government agent following you 24/7
  
  source
  - ArmchairAce1944@discuss.online ⁨3⁩ ⁨weeks⁩ ago
    It is kinda insane. I mean if someone was standing outside their window with a notepad writing down everything they see and hear people would be creeped the fuck out. But put a camera there and the same asshole is sitting on a computer desk in a different city they are ok with?
    
    source
    -> View More Comments
  - Agent641@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    My legs get tired
    
    source
- Ulrich@feddit.org ⁨3⁩ ⁨weeks⁩ ago
  
  Public streaming webcams have been a thing for three decades.
  
  Most of those public streaming cams are streaming to a private server, and not 40k cameras contributing to the same global database. They’re also not being tracked with AI and storing license plate numbers, facial recognition, etc. to be categorized and later searched by law enforcement for, whatever reason they want.
  
  source
  - Tollana1234567@lemmy.today ⁨3⁩ ⁨weeks⁩ ago
    alot of those red light and speed camera in west coast is most likely using AI and facial recognition, these are 3rd party doing it.
    
    source
- ieatpwns@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  This gotta be bait
  
  source
- WhatGodIsMadeOf@feddit.org ⁨3⁩ ⁨weeks⁩ ago
  The ai part?
  
  source
- shalafi@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  For your detractors, I’d like to point out that nothing stated here in untrue.
  
  The problem is feeding 10’s of thousands of video streams, from a single entity, to the police and government. And now they’re using AI to sort the data, which is a powerful use case for AI.
  
  Were we to magically feed all the webcams and doorbells and security cameras to a single source, it would still be a technological mess to sort out. Flock’s system is purpose built to track us.
  
  source
- bigfondue@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  WTF I love big brother now
  
  source
- ulterno@programming.dev ⁨3⁩ ⁨weeks⁩ ago
  It’s not a privacy problem.
  It is a stalking problem.
  
  We’re using the wrong words.
  
  If we end up getting privacy in public, the police will then use it to stop people from filming them in public. That is the long-term goal of setting this in motion.
  
  source
jmsy@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
Snip their wires, spray paint their lens, or put a hammer on the end of a tall stick. it should be easy to take these things out. Of course don’t do anything or have anything on you that would identify you were in the area at the time of these actions.

source
- cardfire@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
  There is now enough adjacent cctv coverage to follow your approach and exit from the scene of the crime. The rush is that another Flock camera is used to identify, and then make an example out of you or me.
  
  source
- thermal_shock@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  Air rifles are pretty cheap too if you can shoot straight.
  
  source
  - Corkyskog@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
    I am wondering if a super soaker with very salty water would work. It should heavily obscure the lens when dried and if someone doesn’t clean it properly it will scratch it to hell.
    
    source
    -> View More Comments
Taldan@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
Honestly? Good. These cameras should either be public or dismantled. I’d like to see them dismantled, but worst case scenario is the current one. They’re selectively used by law enforcement

source
mlg@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
iirc they weren’t even the first ones to discover this because there was already someone on the blackmarket selling data collected from exposed cameras and endpoints which included PII of entire police departments.

source
modus@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
Is there a directory of these cameras? Or are they gonna make me do all the legwork?

source
- nwtreeoctopus@sh.itjust.works ⁨2⁩ ⁨weeks⁩ ago
  These specifically or just Flock cams?
  
  Here’s a start: DeFlock Me
  
  source
  - modus@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
    I meant the unlocked interfaces. I’m familiar with deflock.me and have contributed to it. But thank you.
    
    source
blockheadjt@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
Was interested in reading until JOIN OUR NEWSLETTER

Ew, I don’t care anymore

source
- krooklochurm@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago
  404 media does solid reporting on topics that, in my opinion, matter.
  
  I understand the sentiment but this is the kind of thing we need more of.
  
  source
finitebanjo@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
I feel like Flock Cameras would describe a random individuals walk home from work the same way Andy Samberg does in the music video “Like a Boss”.

source
- __Lost__@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
  Your walk home sounds a lot more interesting than mine.
  
  source
  - finitebanjo@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
    Whoooooooosh
    
    source
rottenmummy@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
Wholly fuck!

source