Tiktok’s chief security officer bails steps aside • The Register

Tiktok’s chief security officer bails steps aside • The Register


TikTok’s Global Chief Security Officer Roland Cloutier has “transitioned” from his job into “a strategic advisory role focusing on the business impact of security and trust programs.”

Cloutier’s change was revealed in a Saturday organizational update that starts with Cloutier himself signing off from the job on grounds that TikTok has “made significant progress in delivering on the promises we’ve made to our global community, business partners, and governments around the world.”

TikTok CEO Shou Zi Chew and ByteDance VP of Technology Dingkun Hong then weigh in with praise of Cloutier, and an explanation that Cloutier’s efforts to make Oracle Cloud the default storage option for US-based users’ data means the time is right for the CSO to take on new responsibilities.

Which is all very nice, except for one small but important detail: since trumpeting Oracle as its default storage provider, TikTok has also revealed that staffers in China can still see US users’ data.

TikTok has assured the Committee on Foreign Investment in the United States that when offshore entities view US users’ data they can’t see anything personal that might raise concerns that Beijing has any prospect of seeing sensitive stuff.

But that admission was a breach of the spirit of TikTok’s pledge to disentangle its overseas operations from those of its parent company, China’s ByteDance, to make users feel safe that their data would not be scrutinized offshore by a company beholden to laws that require cooperation with government.

Speaking of ByteDance, its nascent public cloud operation – named “Volcano Engine” – last week revealed it has created its own data processing unit (DPU, aka SmartNIC and someone really ought to get to deciding what these things are called).

In a July 12 product information update, ByteDance announced the launch of a bare metal instance type called ebmg2i that employs a “self-developed DPU software and hardware integrated architecture design.”

The instance type runs an Ice Lake Xeon that can clock 3.0GHz and offers 128 vCPUs. No single Ice Lake Xeon has 64 physical cores, but several have 32 and can run 64 threads, so this smells like a dual-socket box. The servers also offer 512GiB of memory, a pair of 25GB/sec NICs, and are said to be capable of processing ten million packets per second and to be capable of 300,000 IOPS to ByteDance’s cloud storage.

Sadly, ByteDance has offered no detail about its DPU, so we’re in the dark about the processor it uses and other aspects of its design.

But the mere fact that the company has created its own DPU is notable. Doing so requires considerable prowess and suggests ByteDance has come to the same conclusions about the devices as its cloudy peers: that offloading housekeeping and security chores to a SmartNIC improves IaaS performance and resilience. ®

You May Also Like…