It did get me thinking - maybe there should be IoTS devices, where the S stands for Security. A commitment to updates for a certain amount of time, the source code in escrow to be released when updates/support ceases, probably other things I'm not thinking of.
Seems like a fitting area for government regulation and certification. But in order for a government to even begin to consider the lack of security in IoT a problem, the adoption must ubiquitous. I.e. the devices (or the number of thereof) should pose enough a threat to public infrastructure (think botnets) to be subjected to regulation. Is there such an incentive in any country at the moment?
