The Wzye Pan camera overlooking the bird feeders attracted the attention of a Downy Woodpecker:
The camera sits on a “guest” branch of the house network, fenced off from the rest of the devices, because Pi-Hole showed it relentlessly nattering with its Chinese servers:
In round numbers, the Pan camera tried to reach those (blocked)
iotcplatform domains every 30 seconds around the clock, using a (permitted)
google.com lookup to check Internet connectivity. Pi-Hole supplied the latter from its cache and squelched the former, but enough is enough.
I haven’t tested for traffic to hardcoded dotted-quad IP addresses not requiring DNS lookups through the Pi-Hole. Scuttlebutt suggests the camera firmware includes binary blobs from the baseline Xaiomi/Dafang cameras, so there’s no telling what’s going on in there.
The Xiaomi-Dafang Hacks firmware doesn’t phone home to anybody, but requires router port forwarding and a compatible RTSP client on the remote end. Isolating it from the rest of the LAN must suffice until I can work out that mess; I assume the camera has already made my WiFi passwords public knowledge.