Netgate Discussion Forum

    So why is Netflix hitting me with Dradis?

    Scheduled Pinned Locked Moved IDS/IPS
    52 Posts 7 Posters 1.2k Views 8 Watching
      ssullivan556 @JonathanLee

      @JonathanLee Just reiterating, the Netflix app was never even opened since the factory reset (unrelated, a few days before this packet), let alone logged into an account (I don't have one myself)

        johnpoz LAYER 8 Global Moderator @ssullivan556

        @ssullivan556 because they use that fqdn in their service domain name as a CNAME that points to another fqdn, and so on. That you think because they have dradis in their domain name it's doing something nefarious is beyond ridiculous.

        ;; QUESTION SECTION:
        ;nrdp25.appboot.netflix.com. IN A

        ;; ANSWER SECTION:
        nrdp25.appboot.netflix.com. 111 IN CNAME appboot.dradis.netflix.com.
        appboot.dradis.netflix.com. 57 IN CNAME appboot.us-west-2.origin.prodaa.netflix.com.
        appboot.us-west-2.origin.prodaa.netflix.com. 57 IN A 34.217.204.82
        appboot.us-west-2.origin.prodaa.netflix.com. 57 IN A 44.234.6.167
        appboot.us-west-2.origin.prodaa.netflix.com. 57 IN A 52.89.219.164

        You are chasing ghosts here.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        S 1 Reply Last reply Reply Quote 1
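The CNAME chain in the answer section quoted in the post above can be walked mechanically. This is an added example, not part of any poster's reply: it parses those answer lines, follows the aliases from the queried name to the terminal A records, and checks that every name in the chain stays inside netflix.com. The function names (`parse_answer`, `follow`, `in_zone`, `summarize`) are illustrative assumptions.

```python
# Added example: walk the CNAME chain in a dig-style answer section.
# ANSWER is the answer section quoted in the post above.
ANSWER = """\
nrdp25.appboot.netflix.com. 111 IN CNAME appboot.dradis.netflix.com.
appboot.dradis.netflix.com. 57 IN CNAME appboot.us-west-2.origin.prodaa.netflix.com.
appboot.us-west-2.origin.prodaa.netflix.com. 57 IN A 34.217.204.82
appboot.us-west-2.origin.prodaa.netflix.com. 57 IN A 44.234.6.167
appboot.us-west-2.origin.prodaa.netflix.com. 57 IN A 52.89.219.164
"""

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def parse_answer(text):
    """Return (owner, rtype, rdata) tuples from 'name ttl class type rdata' lines."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # skip blanks, comments and section headers
        owner, rtype, rdata = fields[0], fields[3].upper(), fields[4]
        records.append((norm(owner), rtype, norm(rdata) if rtype == "CNAME" else rdata))
    return records

def follow(records, qname, max_hops=16):
    """Follow CNAMEs from qname; return (alias_chain, terminal_addresses)."""
    cname = {o: r for o, t, r in records if t == "CNAME"}
    chain, seen = [norm(qname)], {norm(qname)}
    while chain[-1] in cname:
        nxt = cname[chain[-1]]
        if nxt in seen or len(chain) > max_hops:
            raise ValueError("CNAME loop or chain too long")
        chain.append(nxt)
        seen.add(nxt)
    addrs = [r for o, t, r in records if t in ("A", "AAAA") and o == chain[-1]]
    return chain, addrs

def in_zone(name, zone):
    """True if name is the zone itself or a subdomain of it."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)

def summarize(text, qname, zone):
    chain, addrs = follow(parse_answer(text), qname)
    return {"chain": chain, "addresses": addrs,
            "all_in_zone": all(in_zone(n, zone) for n in chain)}

if __name__ == "__main__":
    print(summarize(ANSWER, "nrdp25.appboot.netflix.com.", "netflix.com"))
```

The `dradis` name appears only as an intermediate alias; the only hosts a client could go on to contact from this answer are the three terminal A records.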
          ssullivan556 @johnpoz

          @johnpoz Now this actually makes sense. Thank you. In other words, the TV asked "hey, what are the addresses for apps on Netflix" and 8.8.8.8 said "here are ALL the apps you can choose from" and we do not know from this what my device continued to use. I guess I need to spend some time with ntop if I really want to know.

          Nowhere did I claim to know a lot about how IP works, was just looking for an explanation to learn more.

            johnpoz LAYER 8 Global Moderator @ssullivan556

            @ssullivan556 which is why we are here - glad we got it sorted.

            It could be checking for updates to apps, it could be checking for an update for its own OS, it could be checking that it can talk to Google...

            Could be saying here I am a new instance - it could be doing all sorts of things - but what your DNS showed was just that it was looking for a specific fqdn, and dradis just happened to be part of the fqdn they are using, in this case just as a cname to point it elsewhere.

            As to why dradis is in the fqdn - maybe whoever came up with it was a fan of bsg, maybe it hits one of their servers using dradis to log traffic? But it sure wasn't scanning you or doing any sort of pen test - you show a query to 8.8.8.8 on normal DNS port 53.

              JonathanLee

              Keep in mind that most smart-TV platforms update their apps automatically, whether you use them or not. It’s similar to the Microsoft Store on Windows, which updates apps you never open.
              I’ve also developed a personal bias against Netflix because of how aggressively they react to any IPv6 tunnel broker. After dealing with endless workarounds—forcing IPv4 DNS, custom DNS entries, and other bypass methods—I finally got fed up and switched to Apple TV for a while. Most of the other major streaming services don’t seem to care at all about Hurricane Electric IPv6 tunnels, but Netflix is extremely strict.
              It’s also important to understand that many streaming apps use containerized instances that spin up temporarily for DRM and security, then self-delete when they’re done. Because of that, the platforms want everything locked down and up to date, even if you haven’t logged in. They want the application to be fully ready—and fully secure—for the moment you do decide to use it.

              Make sure to upvote

                Patch @ssullivan556

                @ssullivan556 said in So why is Netflix hitting me with Dradis?:

                OK, skepticism active. Why. Dradis. Ever? Ad tracking? Seriously? How deep do these f***s need to go?

                Smart TV manufacturers, particularly in the price-competitive market segment, make about 30% of their profit from selling purchasers' viewing habits. So yes, they are watching, but not for the purchaser's benefit. Most people don't care until you realise the power you are selling, far undervalued imo.

                The easiest way around this is to not connect the TV to the internet at all. Instead, connect a minipc running Linux; then you have software working for you, not someone else.

                  tinfoilmatt @Patch

                  @Patch Something tells me John wouldn't mind revealing how much of a Battlestar Galactica fan he is in 'exchange' for paying higher prices for anything/everything he buys online.

                    johnpoz LAYER 8 Global Moderator @tinfoilmatt

                    @tinfoilmatt clearly you missed where I said it will ask more and more when you block stuff in DNS. which I do run pihole, is how I know this.

                    That specific fqdn is not associated with telemetry or ads that I am aware of - but I do like my apps current. I will look into if that is on my current block list. But I did have to whitelist some stuff because the wife wanted the Roku channel.

                    But sure they clearly know what shows you watch - because duh you watched them.

                    My tinfoil hat is just not as tight as yours is all - yours seems to cut off circulation to your brain, mine is just kind of sitting there half cocked.

                      tinfoilmatt @johnpoz

                      @johnpoz said in So why is Netflix hitting me with Dradis?:

                      But sure they clearly know what shows you watch - because duh you watched them.

                      I'm obviously okay with this. Recall the multiple times OP said they don't even subscribe to Netflix, never mind watch any of their content (nor even open the pre-installed app for that matter).

                        Patch @tinfoilmatt

                        Subscribing to or watching a particular information harvester's content is not relevant to them harvesting on your device; they already get that content remotely.

                        The information they are after on your device is screen fingerprinting (to identify content played not from them). And anything else they can see on your network.

                        What their customers buy is the ability to modify the behaviour of a community and individuals. Moral judgement and political views being more valuable than hair styling.

                        The information providers acquire more of your attention by telling you what you want to hear. Putting people in an echo chamber and feeding them a constant stream of biased information is the primary method used in all radicalisation programs. So unfortunately monetisation of information services divides and radicalises a democratic country.

                        The usual response to this is: I’m not influenced by their behaviour (ie big tech doesn’t know how to do their job) or they aren’t doing anything wrong and I can’t change it anyhow (which is exactly the message all authoritarian governments and monopolies want you to believe).

                        The overall effect is a rather high price for a country. Clearly an individual can’t change this on their own but neither must an individual accept or support it.

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.