Repent, Harlequin! They said to the TikTok man

Let me start off this week’s blog by saying that the cat is finally out of the bag for Eufy this week as the company admitted to its security cameras producing unencrypted streams for their web portal. Big kudos to Sean Hollister and the journalists at The Verge for leaning in on Anker and getting to the heart of the story like that.

I wrote a small piece about it at the time and had much the same response from their PR teams initially, a canned statement, followed by deflection, denial, and downplaying the issue. After nearly 10 years of writing the news I can tell you that’s par for the course. From a PR standpoint I get it, you’ve got to defend the company and the product, but this is a failure of design, and likely by design. Eric Villines, Anker’s global head of communications, promised that a proper apology for users was coming. There are also some initiatives designed to alleviate the damage done, like external security and pen testing, a bug bounty program, etc. I’ll be interested in seeing what they say and do in the coming months.

I’m also extraordinarily interested in hearing TikTok CEO Shou Zi Chew testify before Congress in late March. Is TikTok a security-focused topic? You bet! I can’t imagine how many security experts are banging their heads against the wall trying to enforce bans or restrictions on TikTok use by employees. I wonder if there’s a dollar amount you could assign to the damage done by TikTok user data.

Congress may be asking the FBI for those statistics as we speak. “We are shocked by the recent Executive Order, which was issued without any due process. For nearly a year, we have sought to engage with the U.S. government in good faith to provide a constructive solution to the concerns that have been expressed,” TikTok said in a statement back in 2020, clutching its pearls as hard as it could. Now, three years later, Congress is looking for an explanation again regarding security concerns on the app. So far, their answer has been to peddle “Project Texas,” a plan designed to address the concerns of those who view the company as a security threat.

What do I personally think of trusting a plan designed by the offending party to fix the problems it is accused of perpetrating? Well, there’s this story about a scorpion crossing a river on the back of a frog. I won’t spoil the ending of that one for you.

Why? It’s in my nature. 
