% honestly don't know how you would really enforce something like this
Probably like with automotive code - they don't have code audits but have mandated test scenarios. The problem is that you need large organizations to work these out
i guess Schneier has a point, if consumers do not demand secure systems then it can only be done through regulation.
that would be a very German approach - they have strong consumer advocacy organisations like Stiftung Warentest and the Adac, these then push for more consumer protecting regulation. [1]
Once upon a time these requirements were also used as protectionist barriers. In our days that would mean: you did not bother to update your toolchain and have no firmware updates for this smart light bulb of yours? gone is your import license.
Probably like with automotive code - they don't have code audits but have mandated test scenarios. The problem is that you need large organizations to work these out
i guess Schneier has a point, if consumers do not demand secure systems then it can only be done through regulation.
that would be a very German approach - they have strong consumer advocacy organisations like Stiftung Warentest and the Adac, these then push for more consumer protecting regulation. [1]
Once upon a time these requirements were also used as protectionist barriers. In our days that would mean: you did not bother to update your toolchain and have no firmware updates for this smart light bulb of yours? gone is your import license.
[1] http://americastradepolicy.com/german-customer-protection-or...