• TikToks American ownershi

    From Mike Powell@1:2320/105 to All on Tuesday, March 04, 2025 18:57:00
    TikTok's American ownership rule ignores bigger IoT threat

    Date:
    Tue, 04 Mar 2025 15:11:14 +0000

    Description:
    Forget TikTok - there's a much bigger threat from millions of Chinese-made
    IoT devices.

    FULL STORY ======================================================================

    The push to ban TikTok was always disingenuous in the United States. Don't get me wrong - the app's spyware concerns are well-founded. However, banning one app while ignoring scores of other state-owned, questionable software and hardware is like plugging a leaky dam while water gushes through dozens of other cracks. It's not a long-term solution to a deep-rooted problem.

    For me, as a connected device user and maker of more than two decades, the social media ban (and rapid about-face) raises a bigger, overlooked security concern: the vast network of Chinese-manufactured smart devices in homes and businesses. While TikTok's data collection makes headlines, the Internet of Things (IoT) captures far more intimate data about our daily lives.

    As lawmakers now attempt to find American buyers for co-ownership of TikTok, I'm left asking myself: If this app requires home-grown investment and steering for security, shouldn't the same apply to the millions of Chinese-made IoT devices?

    We know about this threat

    Chinese-connected devices have been making headlines for years. First, they're cheap, which means they're hackable. Tens of thousands of customers found this out the hard way when Hikvision, a state-owned surveillance camera manufacturer, left users exposed through unpatched software vulnerabilities and default passwords that leaked online.

    Further, these devices aren't just weak - they're black boxes. Ownership is often unknown or state-linked, so what happens with device data is anyone's best guess. Additionally, there's no telling what these devices could do. The hardware, software, and platform are made in China. With full network access, rogue devices could monitor network traffic, inject malicious code, and create distributed denial-of-service (DDoS) attacks.

    What we can say for certain is that these devices - from robot vacuums to video doorbells - collect more intimate, real-time data than any social media app. This includes constant audio, video, and location data. Think about it: social media only sees what you choose to share, while these devices witness your unfiltered life. They come with eyes and ears - cameras and microphones - that can track daily routines, lifestyle, and, well, you.

    While TikTok operates in the virtual realm of social media content, IoT senses and actuates with the real world around it. Connected cars with cameras can drive around and discover all kinds of infrastructure, even using sensors like WiFi to discover networks and digital mechanisms. This is just the tip of the surveillance iceberg.

    More dangerous than TikTok

    The TikTok ban and ownership decision opens up a digital can of worms. It's just not true to say this app is a national security risk if countless other devices aren't given the same distinction. This is especially so if the threat from connected devices is actually worse than one app.

    Consider, for example, that devices directly connect to cloud platforms - again, determined by the devicemaker - with some even counting facial recognition. Not to mention, TikTok is usually tied to a mobile device, which adds an extra security layer via iOS or Android. Devices don't have this. How is this not a security and geopolitical risk, again?

    The truth is that TikTok's ban and buyout is based on political posturing rather than consumer safety. For this reason, it's highly unlikely governments will start divvying up ownership and operation of every dodgy company in Chinese IoT. There's not enough political will and, ultimately, these devices do a lot of good for economies when onboarded - keyword - safely.

    Of course, regulators are trying to encourage device security baselines in Europe (Cyber Resilience Act) and the United States (Cyber Trust Mark) regarding default passwords and patching guarantees. But they can't and won't move for outright bans or buyouts. After all, IoT offers excellent efficiency and management insights, and Chinese devices often deliver the best bang for buck. So, what can we do?

    Protect yourself, your networks, and your data

    Protecting yourself from this threat starts by weighing up the pros and cons of technology from this part of the world. There's a real chance you'll pay the price for discounted devices in the form of security backdoors and data loss. So, keep the overall bottom-line impact in mind.

    If you decide to bite the bullet, ensure multiple security failsafes. Configure your devices with peer-to-peer communication and end-to-end encryption. Also, store them under your own lock and key at the edge. This way, they're on their own segmented network closer to home with less latency and fewer intermediary servers.

    For the record, I don't think governments should get involved with the ownership of these companies. Nonetheless, it's a worthwhile thought exercise with geopolitics moving at breakneck speed and devices entering our most private spaces. Regulations are the right move for the moment and let's hope our lawmakers keep a close eye on this sector.

    Whatever happens next, both consumers and companies need to move with the landscape. Between tariffs and TikTok, nothing is off the table, so be careful not to put your data in the line of fire.

    This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

    ======================================================================
    Link to news story: https://www.techradar.com/pro/tiktoks-american-ownership-rule-ignores-bigger-iot-threat

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)