Many companies still do not realize that there is a lot of potential to get hurt by things posted, and that you ignore the blogosphere at your own peril.
Kryptonite is quickly learning this, but not in a fun way. Just as kryptonite is Superman's downfall, the Bic pen is the Kryptonite locks downfall.
I first read about Kryptonite's bike lock problems in Business 2.0's blog, and then read a very good take on the situation from Business 2.0 had posted a response from the Kryptonite PR person, which really has not cleared up the situation. Engadget also has an official response, albeit different than the one from Business 2.0.
PR Studies has a great post about how Kryptonite has mishandled its criticism, and Tom Murphy of PR Opinions blogged on the issue as well.
All point out one interesting point - that more than 400 people have been involved in the post on a biking board, and that it took quite a while for Kryptonite to respond. Kryptonite has a harder battle to win, now, to get people to trust their product. First, the expose was from a bike enthusiast site, then picked up by various bloggers. Second, the initial response was a non-response. Third, the company is not being upfront on whether or not they are going to fulfill any insurance claims filed for stolen bikes - one of the cornerstones of the Kryptonite locks.
Lexar Media is in the same boat, albeit the story has not exploded like the bike lock. If you are in technology public relations, you should be reading Slashdot. Recently, Slashdot had an article that the Lexar JumpDrive Password Scheme Cracked; in other words, the password protection that Lexar had been touting for protecting data on the JumpDrive is crackable. AtStake, a security consulting service, had posted a security advisory on the Lexar JumpDrive, that had since been picked up by Slashdot.
Just like the Kryptonite posting, the Slashdot community has now posted 562 comments on the issue. Some of them have picked up this part of the AtStake advisory:
08-05-2004 Vendor contacted via email to support. No response.Lexar did respond to AtStake with a comment on the 16th of September. A full month and a half after the first email was sent to support, and a full month after the first email to public relations. With any time-sensitive issue - and security is a time sensitive issue - the PR department can't twiddle its thumbs. Or, in a crisis the team can't bury its head in the sand and hope the issue goes away, which seems to be the case here.
08-12-2004 Vendor contacted again via email to support, sales, Public Relations, Investor Relations, and general inquiry email addresses.
08-12-2004 Automated response from support received.
09-13-2004 No further response from vendor, advisory released.
Is the Lexar security issue going to blow up like the Kryptonite story? Most likely no. But, has Lexar just lost a key group of customers - the Slashdot community - that is very tuned into security and technology? Most likely, yes, those Slashdot readers are going to think twice before picking a Lexar product.
So, two cases of how not to ignore the blogosphere, and how important it is to respond quickly to criticisms, whether they are online or in print.
Update from Business 2.0 Blog: Kryptonite to replace locks.