StarkZarn

A fatalist take like this doesn’t help anyone. Do you lock your doors at night even though you’re not be continuously robbed? It’s always worth it to try and protect yourself.

✋

I write a tech and radio blog, if that’s your schtick. If not, no worries. Post your rss feed when you’re done!

https://roguesecurity.dev/

They misspelled “backdoors.”

That’s not how that works. network_mode: host shares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container. macvlan networking is what gives a container its own IP on the logical network, without the layer of NAT that the default bridge mode networking that docker typically does.

There’s not even a potential Oxford comma in there. It’s an interjection, not a list.

Discord isn’t free, you’re paying with your data. 😅

It’s just an NTP pool. The device is trying to update it’s time. Likely it made many other requests to other servers when this one didn’t work.

Maintaining up to date lists of anything is a game of whack a mole, so you’re always going to get weird results.

If you’re actually unsure, pcap the traffic on your pfsense box and see for yourself. NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.

That said, I’d still agree with the other poster about local integration with home assistant and just block that sucker from the Internet.

Potentially, but precision is important, especially if you’re going to make sweeping claims about a topic, acting as an authority.

This is absolutely not what DNSSEC is. DNSSEC provides authenticity of the response, not privacy. You’re describing a means of encrypted name resolution, like dns-over-tls, dns-over-https, etc.

That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there.

Sure, but no one asked about studies from a specific country, we just got an unsolicited “tut tut” for no reason. I can live in Germany and read Canadian articles all I want. This particular poster just doesn’t have an open mind about the world.

Lolwut.

Does your holier-than-thou country not believe in peer reviewed science?

That sort of configuration after the fact would be a fantastic addition, if not already in place.