NTP is of cause no issue, the cam uses it to know when it's at night. Trojan horse infected f/w reports 'ready for service' from INSIDE to a strange host OUTSIDE of your net when it's time to and downloads malicious s/w. It could be paranoia (in the case there is no trojan horse, yes) but unfortunately, exactly this happenend with amazon distributed cameras. But it's ok - you can believe whatever you want and I'm happy here again.