diff --git a/apps/web/app/(app)/layout.tsx b/apps/web/app/(app)/layout.tsx
index c2db356..e4e53bc 100644
--- a/apps/web/app/(app)/layout.tsx
+++ b/apps/web/app/(app)/layout.tsx
@@ -1,14 +1,6 @@
-import { redirect } from "next/navigation";
-import { createClient } from "@/lib/supabase/server";
 import { TopNav } from "@/components/app-shell/top-nav";
 
-export default async function AppLayout({ children }: { children: React.ReactNode }) {
-  const supabase = await createClient();
-  const {
-    data: { user },
-  } = await supabase.auth.getUser();
-  if (!user) redirect("/login");
-
+export default function AppLayout({ children }: { children: React.ReactNode }) {
   return (
     <div className="flex min-h-screen flex-col">
       <TopNav />
diff --git a/apps/web/app/(auth)/layout.tsx b/apps/web/app/(auth)/layout.tsx
deleted file mode 100644
index 197d2fd..0000000
--- a/apps/web/app/(auth)/layout.tsx
+++ /dev/null
@@ -1,17 +0,0 @@
-import Image from "next/image";
-
-export default function AuthLayout({ children }: { children: React.ReactNode }) {
-  return (
-    <main className="flex min-h-screen items-center justify-center bg-white">
-      <div className="w-full max-w-sm border border-neutral-200 p-8">
-        <div className="mb-6 flex flex-col items-center justify-center gap-2">
-          <Image src="/watchdog.png" alt="WatchDog" width={64} height={64} priority />
-          <span className="font-mono text-[10px] uppercase tracking-[0.2em] text-neutral-500">
-            Real-time crime intelligence
-          </span>
-        </div>
-        {children}
-      </div>
-    </main>
-  );
-}
diff --git a/apps/web/app/(auth)/login/page.tsx b/apps/web/app/(auth)/login/page.tsx
deleted file mode 100644
index de5300d..0000000
--- a/apps/web/app/(auth)/login/page.tsx
+++ /dev/null
@@ -1,72 +0,0 @@
-"use client";
-
-import { Suspense, useState } from "react";
-import { useRouter, useSearchParams } from "next/navigation";
-import type { Route } from "next";
-import { createClient } from "@/lib/supabase/browser";
-
-function LoginForm() {
-  const router = useRouter();
-  const params = useSearchParams();
-  const [email, setEmail] = useState("");
-  const [password, setPassword] = useState("");
-  const [error, setError] = useState<string | null>(null);
-  const [loading, setLoading] = useState(false);
-
-  async function onSubmit(e: React.FormEvent) {
-    e.preventDefault();
-    setLoading(true);
-    setError(null);
-    const supabase = createClient();
-    const { error } = await supabase.auth.signInWithPassword({ email, password });
-    setLoading(false);
-    if (error) {
-      setError(error.message);
-      return;
-    }
-    router.replace((params.get("next") ?? "/") as Route);
-    router.refresh();
-  }
-
-  return (
-    <form onSubmit={onSubmit} className="space-y-4">
-      <h1 className="font-mono text-sm font-semibold uppercase tracking-[0.2em]">WatchDog</h1>
-      <label className="block">
-        <span className="block text-xs uppercase tracking-wide text-neutral-500">Email</span>
-        <input
-          type="email"
-          required
-          value={email}
-          onChange={(e) => setEmail(e.target.value)}
-          className="mt-1 w-full border border-neutral-200 px-3 py-2 font-mono text-sm focus:border-black focus:outline-none"
-        />
-      </label>
-      <label className="block">
-        <span className="block text-xs uppercase tracking-wide text-neutral-500">Password</span>
-        <input
-          type="password"
-          required
-          value={password}
-          onChange={(e) => setPassword(e.target.value)}
-          className="mt-1 w-full border border-neutral-200 px-3 py-2 font-mono text-sm focus:border-black focus:outline-none"
-        />
-      </label>
-      {error && <p className="font-mono text-xs text-black">{error}</p>}
-      <button
-        type="submit"
-        disabled={loading}
-        className="w-full border border-black bg-black px-3 py-2 font-mono text-sm text-white disabled:opacity-40"
-      >
-        {loading ? "Signing in…" : "Sign in"}
-      </button>
-    </form>
-  );
-}
-
-export default function LoginPage() {
-  return (
-    <Suspense fallback={null}>
-      <LoginForm />
-    </Suspense>
-  );
-}
diff --git a/apps/web/app/auth/callback/route.ts b/apps/web/app/auth/callback/route.ts
deleted file mode 100644
index b639332..0000000
--- a/apps/web/app/auth/callback/route.ts
+++ /dev/null
@@ -1,15 +0,0 @@
-import { NextResponse, type NextRequest } from "next/server";
-import { createClient } from "@/lib/supabase/server";
-
-export async function GET(request: NextRequest) {
-  const { searchParams, origin } = new URL(request.url);
-  const code = searchParams.get("code");
-  const next = searchParams.get("next") ?? "/";
-
-  if (code) {
-    const supabase = await createClient();
-    await supabase.auth.exchangeCodeForSession(code);
-  }
-
-  return NextResponse.redirect(`${origin}${next}`);
-}
diff --git a/apps/web/components/cameras/camera-wall.tsx b/apps/web/components/cameras/camera-wall.tsx
index 7a59b83..4ed4926 100644
--- a/apps/web/components/cameras/camera-wall.tsx
+++ b/apps/web/components/cameras/camera-wall.tsx
@@ -26,7 +26,12 @@ export function CameraWall({ cameras }: Props) {
   const [stream, setStream] = useState<StreamFilter>("hls");
   const [query, setQuery] = useState("");
   const [visibleCount, setVisibleCount] = useState(PAGE_SIZE);
-  const [hideOffline, setHideOffline] = useState(true);
+  // Default OFF: offline tiles stay in their slot with the "offline" overlay
+  // instead of being filtered out of `visible`, which triggers CSS-grid
+  // reflow and visually shifts every surviving tile. Re-applies the fix
+  // from 9672f31, which was reverted in 0010078 without restoring any
+  // in-place behavior.
+  const [hideOffline, setHideOffline] = useState(false);
   const [offlineIds, setOfflineIds] = useState<Set<string>>(() => new Set());
 
   const reportStatus = useCallback((id: string, status: CameraStatus) => {
diff --git a/apps/web/components/landing/business-owner-view.tsx b/apps/web/components/landing/business-owner-view.tsx
index 6aa15f5..9e3b774 100644
--- a/apps/web/components/landing/business-owner-view.tsx
+++ b/apps/web/components/landing/business-owner-view.tsx
@@ -1,6 +1,12 @@
 "use client";
 
 import { useEffect, useRef, useState } from "react";
+import { LiveStream } from "@/components/cameras/live-stream";
+
+// Public Caltrans D4 HLS feed — proxied through /api/hls.
+// Falls back to an "offline" overlay if the stream is down.
+const LANDING_PREVIEW_STREAM =
+  "https://wzmedia.dot.ca.gov/D4/N101_at_6th.stream/playlist.m3u8";
 
 // IntersectionObserver: returns [ref, inView]. Latches to true so reveal
 // animations play exactly once when the section scrolls into view.
@@ -147,11 +153,13 @@ function OwnerAlertMock() {
           <span className="tabular-nums">CAM 14B · live</span>
         </div>
 
-        <div className="flex flex-1 items-center justify-center bg-neutral-900 text-neutral-400">
-          <span className="font-mono text-[10px] uppercase tracking-widest">
-            ⟶ HLS feed preview
-          </span>
-        </div>
+        <LiveStream
+          streamUrl={LANDING_PREVIEW_STREAM}
+          streamType="hls"
+          className="flex-1"
+          lazy={false}
+          showLiveDot
+        />
 
         <div
           className="shrink-0 overflow-hidden border-t"
diff --git a/apps/web/middleware.ts b/apps/web/middleware.ts
deleted file mode 100644
index b750907..0000000
--- a/apps/web/middleware.ts
+++ /dev/null
@@ -1,56 +0,0 @@
-import { NextResponse, type NextRequest } from "next/server";
-import { createServerClient, type CookieOptions } from "@supabase/ssr";
-
-export async function middleware(request: NextRequest) {
-  let response = NextResponse.next({ request });
-
-  const supabase = createServerClient(
-    process.env.NEXT_PUBLIC_SUPABASE_URL!,
-    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
-    {
-      cookies: {
-        getAll: () => request.cookies.getAll(),
-        setAll: (
-          cookiesToSet: { name: string; value: string; options: CookieOptions }[],
-        ) => {
-          for (const { name, value } of cookiesToSet) {
-            request.cookies.set(name, value);
-          }
-          response = NextResponse.next({ request });
-          for (const { name, value, options } of cookiesToSet) {
-            response.cookies.set(name, value, options);
-          }
-        },
-      },
-    },
-  );
-
-  const {
-    data: { user },
-  } = await supabase.auth.getUser();
-
-  const { pathname } = request.nextUrl;
-  const isAuthRoute = pathname.startsWith("/login") || pathname.startsWith("/auth");
-  const isPublicRoute = pathname === "/";
-
-  if (!user && !isAuthRoute && !isPublicRoute) {
-    const redirect = request.nextUrl.clone();
-    redirect.pathname = "/login";
-    redirect.searchParams.set("next", pathname);
-    return NextResponse.redirect(redirect);
-  }
-
-  if (user && pathname === "/login") {
-    const redirect = request.nextUrl.clone();
-    redirect.pathname = "/";
-    return NextResponse.redirect(redirect);
-  }
-
-  return response;
-}
-
-export const config = {
-  matcher: [
-    "/((?!_next/static|_next/image|favicon.ico|api/cron|api/hls|api/dispatch|api/live|api/openclaw|api/seed|api/contribute|api/contributor-waitlist|c/|contribute|.*\\.[a-zA-Z0-9]+$).*)",
-  ],
-};