The UK is proposing a new law mandating a standardized, safer approach to IOT. “Many consumer products that are connected to the internet are often found to be insecure, putting consumers’ privacy and security at risk,” says Digital Minister Margot James (MP).
The potential law states that IOT devices of all varieties must be sold with a unique password. “By selling a device with a unique password, it significantly slows down cybercriminals from scanning the internet and automatically logging into devices with a default password, often to launch distributed denial-of-service attacks,” writes Tech Crunch. In the US, California has already passed a similar law that is set to take effect in 2020.
In addition, the UK law also mandates that manufacturers list the length of time for which they will provide software updates to a product.
For security researchers and hackers, the creation of this law will also enact new means of reporting vulnerabilities and flaws in products.
If this law is passed, manufacturers will need to roll out a labeling scheme for packaging, indicating that their products comply with the new legislation.
Get the full story from Tech Crunch.