Q: Recently, Clubhouse is a very popular software, and many people are using it to open their own virtual salons to talk about the world. However, is Clubhouse a safe and appropriate platform for discussing current political issues?
Li Jianjun: Clubhouse seems interesting, but if you want to use it to discuss political issues, it is definitely not suitable. Clubhouse is based on the API technology provided by Agora, which appears to be an American company, but all of its executives are from China, and its R&D center is also in China, similar to Zoom. Do you think it is safe to discuss politics with software based on SoundCloud technology? The possibility exists that if SoundNet cooperates with Chinese authorities to secretly collect information in Clubhouse’s App and then betray you, this is a possibility. Therefore, Clubhouse is not at all suitable for discussing sensitive political issues, unless the company that developed Clubhouse is willing to give up its API technology. But for the Time being, this possibility is very low. Therefore, if a group of people want to discuss politics, they still have to rely on instant messaging software that can be encrypted peer-to-peer, rather than using Clubhouse. Clubhouse’s mechanism is actually quite good, but the sound network company itself is not reassuring. As with Zoom, I personally still highly discourage its use for sensitive political discussions, mainly because of the Chinese background of the company’s management.
Q: In addition to Clubhouse, there are quite a lot of software that use SoundCloud APIs, which are quite attractive to many software companies because of their low price. Does this mean that the issues arising from Sound.com are potentially widespread threats to the security of Internet users, and even to U.S. national security?
Lee: That’s for sure, because Zoom itself is software, but it’s not part of a network infrastructure like AWS, but SoundCloud is an API, which is actually part of the network infrastructure, and most people wouldn’t know that individual software uses SoundCloud’s API. If Clubhouse hadn’t become a hit recently, people would not have known that Clubhouse had built its API based on Sound.com, and the discovery of the API made Sound.com’s stock price soar. Therefore, it is more dangerous than Zoom because it is too difficult for most people to find out if individual software is using the SoundNet API, and only a few experts are capable of doing so.
I think, based on online security and Internet users’ privacy, software companies actually have the responsibility to disclose which companies’ infrastructure services they use. In the past, people would trust Google, Amazon and other U.S.-based companies, but now, there are Chinese companies participating in the online infrastructure market, even deliberately setting up headquarters in the U.S. and even going public to hide their identity. Situations like Zoom are only increasing, and the sound network behind Clubhouse is a major warning sign. For some new software, if the technology and network infrastructure used by the development team is not transparent enough, it is better to take a wait-and-see attitude rather than rush to risk adoption. To a certain extent, open source software is more open and transparent, even though the user interface may be poor, but because open source software generally does not use commercial application interfaces that require fees and closed source code, it can largely avoid large-scale involvement of Chinese companies.
Q: Recently, a Chrome add-on was sold to an unknown third party by the original author, and then malicious code was added to the program to track the user’s identity and make some fraudulent ad clicks. The incident drew attention, but the identity of the buyer of the program remains a mystery. What kind of background do people usually have to do this kind of thing?
Li Jianjun: In fact, the nature of the program changed dramatically after the takeover, adding malicious code to track the identity of users, which is very similar to the situation in recent years when the Chinese background capital took over the Hong Kong media and changed the nature of the behavior. In addition, the software developed by Chinese companies are very keen to collect users’ privacy. Therefore, it is quite possible that the incident was caused by Chinese background funds buying the software code and then being used for intelligence gathering and fraudulent clicks. Countries like India and Russia have a lot of programming talent and they can write software without spending a lot of money on software companies or specific code.
Recent Comments