These cameras are extremely suspicious -- just follow the money. I bought some cheap Chinese cameras in 2020 that by default send the video stream to a Chinese server, which you can watch with an app on your phone. The cameras were about $40 on Amazon, so my guess is the manufacturer was getting paid maybe $15-20 for them.
Bandwidth to and from China is not that cheap, and you could be running this stream 24x7. The streaming service still works 4 years later even though the company whose name is on the camera has vanished.
So, who is paying the server/bandwidth bill? The camera is too cheap to afford indefinitely providing this service, so you can only presume that you're paying in another way. Probably there is some third party in China that the camera manufacturer makes a deal with. The camera manufacturer may even be getting paid to pick a particular provider.
Something worth keeping in mind is that Chinese factories that makes things like IP cameras don't typically have their own (significant) R&D departments and instead work from examples provided by the makers of the chipsets. Sometimes there will be another company involved that provide an "IoT ecosystem" (Tuya is a major player here: https://www.tuya.com/solution/hardware/ip-camera ).
So it's not necessarily surprising that the backend still works even if the manufacturer (Amazon brands are not typically the factory themselves, for practical reasons frequently changing "brand names" are used) is no longer present.
Since the topic of the article is about reverse engineering, I think it is extremely important to remember this. R&D time is very expensive. As people predominantly in CS, we should be aware of this, as this is typically how we are classified. And I think everyone innately knows how much more difficult it is to create something from scratch, the help you get just by having a reference, and how much easier it is to copy (or modify) when you have the thing in your hands (or source).
And it is worth noting that prices are vastly different in China. Labor is much cheaper and licenses aren't respected. The cost of living is cheaper to a smaller profit margin goes a much longer way. As tfa mentions, there are identical cameras sold by different manufacturers. It is unclear if this is typical reskinning or designs being taken. Both significantly reduce the cost of things. I have no idea how much hosting costs in China.
Regarding hosting, it's a big pain point for companies building these systems out of China as the "great firewall" makes it really hard to have reliable connectivity between the Chinese Internet (and datacenters) and outside. The ap-east-1 zone of AWS, based in Hong Kong, is very popular in that context as it tends to be accessible from both sides (so cost is fairly typical of AWS costs in that case). Alternatively Alibaba also have cloud datacenters in Hong Kong with similar properties.
A lot of them the stream is just a relay to create a connection between you and the camera via Upnp or something similar. They aren't actually footing a bill for all the bandwidth.
That may be the case for live viewing, but those that record longer term generally do it to a server out there. I have some from a company called Yi that I now refuse to use: they used to support local recording to SD card instead but that broke and the support answer seems to be “use the remote recording”, the remote recording only supports a short time window unless you pay a subscription, and they started flooding the ap with adverts if you don't pay for the sub in any case. The streams are non-standard so the cameras require custom firmware to make work with open source solutions, so I've just bought some better cameras that are said to work out of the box. Now I just need to get around to setting them up…
I bought one on AliExpress for just under 18 EUR. Mine works similarly, that it streams to some server in the cloud. I knew this, and only connected it for testing a little bit and made sure to not put my face or any of my documents etc in view of the camera.
The company behind the one I bought does seem to have a slightly better business model though. With them you can use it free to see live or you can pay them a monthly fee for recordings.
As for me my plan is to put it on a LAN without internet access and figure out how to get the video locally.
I use a Raspberry Pi to run a Tailscale subnet router on the LAN. I installed some cheap IP cams but blocked all Internet access so they can only access my LAN. With the Tailscale subnet router I can still get remote access to the camera streams from my phone.
Make sure to also specify a domestic NTP server - it may refuse to work until the time is synced, and most of the cheap cameras I looked at sync time with China by default.
A network of always on, always connected IP cameras with synchronized time and position is a perfect supplement to reconnaissance satellites. My neighbours buy and install them all over the place and it infuriates me, as their only buying criterion is "cheap". I'm investigating ways to permanently disable or cook these cameras over WiFi frequencies.
Bandwidth to and from China is not that cheap, and you could be running this stream 24x7. The streaming service still works 4 years later even though the company whose name is on the camera has vanished.
So, who is paying the server/bandwidth bill? The camera is too cheap to afford indefinitely providing this service, so you can only presume that you're paying in another way. Probably there is some third party in China that the camera manufacturer makes a deal with. The camera manufacturer may even be getting paid to pick a particular provider.