The push to ban TikTok in the United States was always disingenuous. Don’t get me wrong – the app’s spyware concerns are well-founded. However, banning one app while ignoring scores of other state-owned, questionable software and hardware is like plugging a leaky dam while water gushes through dozens of other cracks. It’s not a long-term solution to a deep-rooted problem.
For me, as a connected device user and maker of more than two decades, the social media ban (and rapid about-face) raises a bigger, overlooked security concern: the vast network of Chinese-manufactured smart devices in homes and businesses. While TikTok’s data collection makes headlines, the Internet of Things (IoT) captures far more intimate data about our daily lives.
As lawmakers now attempt to find American buyers for co-ownership of TikTok, I’m left asking myself: If this app requires home-grown investment and steering for security, shouldn’t the same apply to the millions of Chinese-made IoT devices?
CEO and Founder of Nabto.
We know about this threat
Chinese-connected devices have been making headlines for years. First, they’re cheap, which means they’re hackable. Tens of thousands of customers found this out the hard way when Hikvision, a state-owned surveillance camera manufacturer, left users exposed through unpatched software vulnerabilities and default passwords that leaked online.
Further, these devices aren’t just weak – they’re black boxes. Ownership is often unknown or state-linked, so what happens with device data is anyone’s best guess. Additionally, there’s no telling what these devices could do. The hardware, software, and platform are made in China. With full network access, rogue devices could monitor network traffic, inject malicious code, and launch distributed denial-of-service (DDoS) attacks.
What we can say for certain is that these devices – from robot vacuums to video doorbells – collect more intimate, real-time data than any social media app. This includes constant audio, video, and location data. Think about it: social media only sees what you choose to share, while these devices witness your unfiltered life. They come with eyes and ears – cameras and microphones – that can track daily routines, lifestyle, and, well, you.
While TikTok operates in the virtual realm of social media content, IoT devices sense and act on the real world around them. Connected cars with cameras can drive around and discover all kinds of infrastructure, even using sensors like WiFi to discover networks and digital mechanisms. This is just the tip of the surveillance iceberg.
More dangerous than TikTok
The TikTok ban and ownership decision opens up a digital can of worms. It’s just not true to say this app is a national security risk if countless other devices aren’t given the same distinction. This is especially so if the threat from connected devices is actually worse than one app.
Consider, for example, that devices directly connect to cloud platforms – again, determined by the device maker – with some even including facial recognition. Not to mention, TikTok is usually tied to a mobile device, which adds an extra security layer via iOS or Android. IoT devices don’t have this. How is this not a security and geopolitical risk, again?
The truth is that TikTok’s ban and buyout are based on political posturing rather than consumer safety. For this reason, it’s highly unlikely governments will start divvying up ownership and operation of every dodgy company in Chinese IoT. There’s not enough political will and, ultimately, these devices do a lot of good for economies when onboarded – keyword – safely.
Of course, regulators are trying to encourage device security baselines in Europe (Cyber Resilience Act) and the United States (Cyber Trust Mark) regarding default passwords and patching guarantees. But they can’t and won’t move for outright bans or buyouts. After all, IoT offers excellent efficiency and management insights, and Chinese devices often deliver the best bang for buck. So, what can we do?
Protect yourself, your networks, and your data
Protecting yourself from this threat starts by weighing up the pros and cons of technology from this part of the world. There’s a real chance you’ll pay the price for discounted devices in the form of security backdoors and data loss. So, keep the overall bottom-line impact in mind.
If you decide to bite the bullet, put multiple security failsafes in place. Configure your devices with peer-to-peer communication and end-to-end encryption. Also, store them under your own lock and key at the edge. This way, they’re on their own segmented network closer to home with less latency and fewer intermediary servers.
For the record, I don’t think governments should get involved with the ownership of these companies. Nonetheless, it’s a worthwhile thought exercise with geopolitics moving at breakneck speed and devices entering our most private spaces. Regulations are the right move for the moment and let’s hope our lawmakers keep a close eye on this sector.
Whatever happens next, both consumers and companies need to move with the landscape. Between tariffs and TikTok, nothing is off the table, so be careful not to put your data in the line of fire.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro