For years, the use of insecure smart home appliances and other Internet-connected devices has resulted in personal data leaks. Many smart devices require users’ location, contact details or access to cameras and microphones to set up, which expose people’s personal information, but are unnecessary to use the product. As a result, data breaches and security incidents continue to emerge worldwide through smartphone apps, smart speakers, TVs, air fryers and robot vacuums.
Last week, another major data breach was added to the list: Mars Hydro, a Chinese company that makes Internet of Things (IoT) devices such as LED grow lights and the software to control them remotely. Jeremiah Fowler, a cybersecurity researcher at vpnMentor, on Feb. 12 reported that Mars Hydro had left 1.17 terabytes of non-password-protected data containing 2.7 billion records online, including users’ Wi-Fi network names, Wi-Fi passwords, Internet protocol addresses and device IDs.
The exposed data appeared to belong to users of the company’s Mars Pro smartphone app, even though Mars Hydro’s privacy notices on Apple’s App Store and Google Play state that the app does not collect user data, Fowler said. Within hours of notifying Mars Hydro, the database was no longer publicly available, but it is uncertain how long it was left unprotected or if unauthorized parties had accessed it, he said. The incident demands further investigation to get a full picture of users’ exposure, he said, adding that the issue yet again raises concerns over the security and privacy of IoT devices.
The Mars Hydro incident comes as Chinese start-up DeepSeek’s artificial intelligence (AI) chatbot was recently found to have transferred user data to ByteDance Ltd, TikTok’s parent company, which prompted many countries to ban public-sector entities from using DeepSeek or suspend downloads of the Chinese app. In Taiwan, the Ministry of Digital Affairs on Jan. 31 said that government agencies would be prohibited from using DeepSeek, but it remains unclear if the ministry would restrict public use of the service if it contravenes data protection laws.
Concerns over data leaks and hacking from Chinese software and devices have grown in the past few years. Security experts warn that apps from Chinese e-commerce sites such as AliExpress and Temu, as well as China-made IP cameras, smart speakers and robot vacuums, have data security vulnerabilities. They say risks stem from potential backdoors embedded during manufacturing or coding to weaken encryption methods and provide gateways for cyberattacks.
Make no mistake: Concerns over data breaches also exist for devices made by non-Chinese vendors. However, the issue with products made in China or by Chinese-owned companies is that the Chinese Communist Party, with no democratic oversight, could exploit such information for surveillance or intelligence-gathering purposes, posing national security threats. In addition, most countries generally require businesses to obtain consent from users before collecting their personal information. Unfortunately, some Chinese services do not inform users or bypass this requirement when collecting personal data.
In November last year, the Ministry of Digital Affairs acknowledged the importance of IoT information security as such devices become more popular. It said that regardless of the country of origin or the type of device, user data could be collected and become a potential security risk. It added that it would launch information security labels for IoT devices sold in Taiwan and propose data protection guidelines for device makers. In the meantime, users can take simple steps to mitigate potential risks, such as changing default passwords, restricting the access software and devices have to personal information, stopping data sharing, monitoring device activity and turning off devices when not in use.
On May 7, 1971, Henry Kissinger planned his first, ultra-secret mission to China and pondered whether it would be better to meet his Chinese interlocutors “in Pakistan where the Pakistanis would tape the meeting — or in China where the Chinese would do the taping.” After a flicker of thought, he decided to have the Chinese do all the tape recording, translating and transcribing. Fortuitously, historians have several thousand pages of verbatim texts of Dr. Kissinger’s negotiations with his Chinese counterparts. Paradoxically, behind the scenes, Chinese stenographers prepared verbatim English language typescripts faster than they could translate and type them
More than 30 years ago when I immigrated to the US, applied for citizenship and took the 100-question civics test, the one part of the naturalization process that left the deepest impression on me was one question on the N-400 form, which asked: “Have you ever been a member of, involved in or in any way associated with any communist or totalitarian party anywhere in the world?” Answering “yes” could lead to the rejection of your application. Some people might try their luck and lie, but if exposed, the consequences could be much worse — a person could be fined,
Xiaomi Corp founder Lei Jun (雷軍) on May 22 made a high-profile announcement, giving online viewers a sneak peek at the company’s first 3-nanometer mobile processor — the Xring O1 chip — and saying it is a breakthrough in China’s chip design history. Although Xiaomi might be capable of designing chips, it lacks the ability to manufacture them. No matter how beautifully planned the blueprints are, if they cannot be mass-produced, they are nothing more than drawings on paper. The truth is that China’s chipmaking efforts are still heavily reliant on the free world — particularly on Taiwan Semiconductor Manufacturing
On May 13, the Legislative Yuan passed an amendment to Article 6 of the Nuclear Reactor Facilities Regulation Act (核子反應器設施管制法) that would extend the life of nuclear reactors from 40 to 60 years, thereby providing a legal basis for the extension or reactivation of nuclear power plants. On May 20, Chinese Nationalist Party (KMT) and Taiwan People’s Party (TPP) legislators used their numerical advantage to pass the TPP caucus’ proposal for a public referendum that would determine whether the Ma-anshan Nuclear Power Plant should resume operations, provided it is deemed safe by the authorities. The Central Election Commission (CEC) has
RSS