My dog growing up was super picky about what human food she would eat. Depending on how something was cooked (even when cooled down) she would flat out deny it (boiled chicken she would eat around or take out of her bowl)

My current dog is less picky but there’s still some foods he can safey have that he’ll spit out. Like he loves oranges but hates apples, cucumber he thinks is gross but broccoli is good.

I think a lot of dogs actually do have their preferences about what tastes good to them much like people. I guess most of the dogs in my family are “spoiled” in they get human food as a treat on a semi-regular basis.

My dog growing up hated kibble and we’d have to cook her something to eat (again spoiled). My current dog doesn’t mind kibble (but he’s very food motivated) but absolutely wants you to share with him what your eating, even if he’s going to spit it out because he doesn’t like it.

You must be new on the internet…

You’re aware that you can send whatever traffic you want over any port right? Using 123/udp for NTP is just convention. A light bulb that is updating its time over Tor is suspect. TP-Link would have their own infrastructure or use public pools to update the device’s time.

It’s been hacked, the light bulb is likely part of some botnet or under an attacker’s control directly. Which is why it’s sending that much data continuously. IoT/smart devices don’t send a lot of data in this sort of volume as most of the time they’re idle and maybe send a heartbeat or status update every once in a while to prove they’re alive.

This is what is called an indicator of compromise or IoC, it’s some behavior or pattern that can be used to determine what is happening or who is the one doing the attacking.

Likely OP would need to do some analysis to be able to get attribution unless it’s a very well known botnet actor in which case attribution is fairly straightforward.

It’s definitely been popped. Rip.

Yes there is! Great you have a strong, randomly generated password. There’s no collateral damage (you’re having your password manager generate the passwords right?) So your other accounts are safe, you only have to rotate one password.

Well what happens for instance if someone really wanted access to your account? Say it’s a bank, a social media account, or maybe it’s just a game account for an MMO that’s super high value, you have a long and strong password, but let’s say the service’s security wasn’t quite up to snuff or you got phished and gave your password by accident (these things happen, it’s not your fault).

This is where 2FA comes in, if someone manages to break your password the attacker needs your phone, your security key, your fingerprint, etc… To prove to the service they’re you. By having 2FA on the account you’re increasing your defense in depth for your account. If you didn’t have it your account is as good as gone as soon as an attacker cracks or gets your password.

It acts as a second lock that needs to be picked in order to take over your account.

I personally add 2FA to all of my accounts I can, the highest security ones get added to my hardware token. The ones I don’t need as high security go into my password manager (which has 2FA enabled but only available via my hardware key).

Additionally as often as possible I try to use a unique email address for each service (simplelogin, addy.io, or similar, + based email addresses are easily bypassed) they all forward to my email but now you have to guess my email for the service (my own private domains, so not shared with anyone else) and what mailbox it ends up in. As a bonus you can disable emails that are sending spam or see who got breached based on the email.

Again defense in depth, a long secure password is great but that’s only relying on a single lock. By having 2FA you’re doubling your security so to speak by requiring that extra key in order to access your accounts.