Not only are they hackable, a search engine exists that has a section devoted to unsecured webcam images, showing everything from cribs to kitchens to private laboratories, Ars Technica reports.
Called "creepy" by Quartz, the Shodan search engine can access webcams that have no password authentication and share video via the Real Time Streaming Protocol.
That includes millions of insecure webcams, according to security researcher Dan Tentler. "The consumers are saying, 'We're not supposed to know anything about this stuff [cybersecurity]," he says.
"The vendors don't want to lift a finger to help users because it costs them money." Quartz suggests a relatively easy fix for worried webcam users: "Put a password on them." Still, the question of webcam security easily applies to other so-called "Internet of Things" devices—like cars and medical devices—and raises the possibility of government regulation.
The FTC has already accused over 50 companies of failing to secure services, products, or networks, and given IoT manufacturers guidance on proper security.
"The thing that really does come next after guidance is regulation, if they don't pick up their game," security researcher Scott Erven tells Ars Technica. Meanwhile, a researcher group called I Am the Cavalry is creating a rating system for consumer IoT devices, and the US Air Force has funded a similar "Consumer Security Reports" project, Inside Cybersecurity reported in October.
But don't expect the moon: "Our dependence on technology is growing faster than our ability to secure it," says Erven. (Not even Barbie is safe.)