For years, the use of insecure smart home appliances and other Internet-connected devices has resulted in personal data leaks. Many smart devices require users’ location, contact details or access to cameras and microphones to set up, which expose people’s personal information, but are unnecessary to use the product. As a result, data breaches and security incidents continue to emerge worldwide through smartphone apps, smart speakers, TVs, air fryers and robot vacuums.
Last week, another major data breach was added to the list: Mars Hydro, a Chinese company that makes Internet of Things (IoT) devices such as LED grow lights and the software to control them remotely. Jeremiah Fowler, a cybersecurity researcher at vpnMentor, on Feb. 12 reported that Mars Hydro had left 1.17 terabytes of non-password-protected data containing 2.7 billion records online, including users’ Wi-Fi network names, Wi-Fi passwords, Internet protocol addresses and device IDs.
The exposed data appeared to belong to users of the company’s Mars Pro smartphone app, even though Mars Hydro’s privacy notices on Apple’s App Store and Google Play state that the app does not collect user data, Fowler said. Within hours of notifying Mars Hydro, the database was no longer publicly available, but it is uncertain how long it was left unprotected or if unauthorized parties had accessed it, he said. The incident demands further investigation to get a full picture of users’ exposure, he said, adding that the issue yet again raises concerns over the security and privacy of IoT devices.
The Mars Hydro incident comes as Chinese start-up DeepSeek’s artificial intelligence (AI) chatbot was recently found to have transferred user data to ByteDance Ltd, TikTok’s parent company, which prompted many countries to ban public-sector entities from using DeepSeek or suspend downloads of the Chinese app. In Taiwan, the Ministry of Digital Affairs on Jan. 31 said that government agencies would be prohibited from using DeepSeek, but it remains unclear if the ministry would restrict public use of the service if it contravenes data protection laws.
Concerns over data leaks and hacking from Chinese software and devices have grown in the past few years. Security experts warn that apps from Chinese e-commerce sites such as AliExpress and Temu, as well as China-made IP cameras, smart speakers and robot vacuums, have data security vulnerabilities. They say risks stem from potential backdoors embedded during manufacturing or coding to weaken encryption methods and provide gateways for cyberattacks.
Make no mistake: Concerns over data breaches also exist for devices made by non-Chinese vendors. However, the issue with products made in China or by Chinese-owned companies is that the Chinese Communist Party, with no democratic oversight, could exploit such information for surveillance or intelligence-gathering purposes, posing national security threats. In addition, most countries generally require businesses to obtain consent from users before collecting their personal information. Unfortunately, some Chinese services do not inform users or bypass this requirement when collecting personal data.
In November last year, the Ministry of Digital Affairs acknowledged the importance of IoT information security as such devices become more popular. It said that regardless of the country of origin or the type of device, user data could be collected and become a potential security risk. It added that it would launch information security labels for IoT devices sold in Taiwan and propose data protection guidelines for device makers. In the meantime, users can take simple steps to mitigate potential risks, such as changing default passwords, restricting the access software and devices have to personal information, stopping data sharing, monitoring device activity and turning off devices when not in use.
The Chinese government on March 29 sent shock waves through the Tibetan Buddhist community by announcing the untimely death of one of its most revered spiritual figures, Hungkar Dorje Rinpoche. His sudden passing in Vietnam raised widespread suspicion and concern among his followers, who demanded an investigation. International human rights organization Human Rights Watch joined their call and urged a thorough investigation into his death, highlighting the potential involvement of the Chinese government. At just 56 years old, Rinpoche was influential not only as a spiritual leader, but also for his steadfast efforts to preserve and promote Tibetan identity and cultural
The gutting of Voice of America (VOA) and Radio Free Asia (RFA) by US President Donald Trump’s administration poses a serious threat to the global voice of freedom, particularly for those living under authoritarian regimes such as China. The US — hailed as the model of liberal democracy — has the moral responsibility to uphold the values it champions. In undermining these institutions, the US risks diminishing its “soft power,” a pivotal pillar of its global influence. VOA Tibetan and RFA Tibetan played an enormous role in promoting the strong image of the US in and outside Tibet. On VOA Tibetan,
Former minister of culture Lung Ying-tai (龍應台) has long wielded influence through the power of words. Her articles once served as a moral compass for a society in transition. However, as her April 1 guest article in the New York Times, “The Clock Is Ticking for Taiwan,” makes all too clear, even celebrated prose can mislead when romanticism clouds political judgement. Lung crafts a narrative that is less an analysis of Taiwan’s geopolitical reality than an exercise in wistful nostalgia. As political scientists and international relations academics, we believe it is crucial to correct the misconceptions embedded in her article,
Sung Chien-liang (宋建樑), the leader of the Chinese Nationalist Party’s (KMT) efforts to recall Democratic Progressive Party (DPP) Legislator Lee Kun-cheng (李坤城), caused a national outrage and drew diplomatic condemnation on Tuesday after he arrived at the New Taipei City District Prosecutors’ Office dressed in a Nazi uniform. Sung performed a Nazi salute and carried a copy of Adolf Hitler’s Mein Kampf as he arrived to be questioned over allegations of signature forgery in the recall petition. The KMT’s response to the incident has shown a striking lack of contrition and decency. Rather than apologizing and distancing itself from Sung’s actions,
RSS