someone needs to bring negligence suits against some IoT vendors, wholesalers, and retailers
IANAL, so I wonder if that would actually work. Especially since everyone always attaches the standard no-warranty disclaimers to software (and we're talking about vulnerabilities in the software on these devices).
Maybe we need to give the FCC power similar to the CPSC.. they can issue recalls of unsafe products (or in the case of the FCC, products that interfere with our communications infrastructure), and they can even have them stopped at the border by customs.
Losing the ability to sell your product in the US is a pretty powerful incentive to get it right
Also IANAL, but I don't think that no-warranty disclaimers work for commercial products. Some countries even specify mandatory warranties (e.g. Australia's Warranty Against Defects[1])
I'm not sure those disclaimers work. They usually say something like, "We disclaim all warranties, including fitness for a particular purpose"
And then you look on their marketing pages and call their sales people, and they tell you all the particular purposes for which their software is a perfect fit.
IANAL, so I wonder if that would actually work. Especially since everyone always attaches the standard no-warranty disclaimers to software (and we're talking about vulnerabilities in the software on these devices).
Maybe we need to give the FCC power similar to the CPSC.. they can issue recalls of unsafe products (or in the case of the FCC, products that interfere with our communications infrastructure), and they can even have them stopped at the border by customs.
Losing the ability to sell your product in the US is a pretty powerful incentive to get it right