All the instances where obsidian generates network traffic
When you open one of your notes that embeds online content. For example, an image ![cat](https://upload.wikimedia.org/wikipedia/commons/0/0b/Cat_poster_1.jpg)
Periodically check for updates (can be disabled in the settings)
When you access your Obsidian account in Settings
When you use Obsidian Sync
When you use Obsidian Publish
When you browse/download third-party themes
When you browse/download third-party plugins
If you have third party plugins enabled, there is a check, done once every 12 hours from the time the app starts up, which fetches a file hosted on GitHub we use to issue “plugin deprecations”. This file is used to remotely disable specific versions of plugins that are known to malfunction, cause data loss, or could potentially be vulnerable or malicious.
The plugins you enable can also generate network traffic
Bonus:
DNS requests if a hostname needs to be resolved before establishing a connection (including DNS over HTTPS).
Not that I’m not trusting you, but I just want to brute force all supporting evidence for that. How do I check these statements, and how do I know if my checking tool is not compromised?
I wanted click-to-load for online content, instead of automatically loading remote resources like images and embeds. So I blocked the Obsidian executable in the firewall.
In the space of 8 minutes it logged 700 firewall events, outbound towards the following IP addresses: