Footfallcam kerfuffle: Firm apologises, promises to fix product after viral Twitter thread, infoseccer backlash
2021-02-12 15:21

The device at the heart of the controversy was essentially a Raspberry Pi in a fancy enclosure, as Laurens Leemans of SignIPS, who analysed a sample Footfallcam 3D Plus product, told The Register.

Footfallcam responded to this by setting up a bunch of Twitter accounts to hurl accusations of extortion at him and SignIPS. Kao later acknowledged these accounts originated from the company and blamed them on "One of our employees," adding: "It's not upon our management. It's definitely not me nor Edward. It is an immature behaviour by an immature person. You know, I couldn't tell you names, but it's one of the engineers."

Footfallcam reported SignIPS to police - and then tried to use that report as leverage to get Leemans' Twitter thread deleted.

During phone interviews with The Register this week, Kao repeatedly suggested that SignIPS had attempted to extort money from Footfallcam to fix the vulnerabilities it highlighted.

It runs far deeper than that: Footfallcam reported SignIPS to Action Fraud, the UK police operation, and then stated it would not withdraw that report unless the Twitter thread exposing its product was deleted.

Rather than responsibly engage with SignIPS to identify and patch the vulns, Footfallcam behaved badly, and its position on the police report only changed when The Register began asking questions.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/12/footfallcam_twitter_kerfuffle/

Related vendor

Vulnerability counts for the last 12 months:

| Vendor | # Products | Low | Medium | High | Critical | Total vulns |
|---|---|---|---|---|---|---|
| Twitter | 5 | 0 | 6 | 2 | 0 | 8 |