My cat, Gluon, is having a problem. Last year, a new cat, Einstein, invaded her property, and since then, she has no longer ventured outside after some unfortunate encounters with Einstein. Gluon now spends most of her time inside doing cat stuff like grooming and sleeping; unfortunately, she has gained an unhealthy amount of weight. To help, we got her an automated cat feeder to better control her food intake. The cat feeder is sporting not just the obligatory WiFi and Cloud/App connectivity but also a camera, so it was immediately moved to our “IoT” network.
The IoT network is pretty much locked down and closely monitored. So I soon noticed these DNS queries originating from the cat feeder:
0 catfeeder → dnsserver DNS 73 Standard query 0x0002 A baidu.com301 catfeeder → dnsserver DNS 73 Standard query 0x0002 A baidu.com602 catfeeder → dnsserver DNS 73 Standard query 0x0002 A baidu.com
About every 5 minutes (300 seconds), the cat feeder attempts to resolve “baidu.com.” Why baidu.com? What is my cat trying to search for?
After investigating this on different devices showing similar behavior, I finally figured out that some networking libraries use “baidu.com” for internet connectivity checks. Even if the DNS lookup succeeds, there is no actual outbound connection in this case. The device is happy as long as an IP address is returned.
But why baidu.com and not google.com or ‘8.8.8.8’ (or bing.com)? This is likely due to these devices and some libraries manufactured and coded in China. First of all, “Baidu” is more commonly used than “Google”, and due to the censorship regime, which may not only block DNS lookups for Google but may also use these DNS lookups to identify non-regime-conform behavior not to get Chinese users into trouble, they may opt for the use of Bai ..
Support the originator by clicking the read the rest link below.
