The Australian government has introduced a new code of practice to encourage manufacturers to make IoT devices more secure.
The code provides guidance on secure passwords, the need for security patches, the protection and deletion of consumers' personal data and the reporting of vulnerabilities, among other things.
The problem is the code is voluntary. Experiences elsewhere, such as the United Kingdom, suggest a voluntary code will be insufficient to deliver the protections consumers need.
Indeed it might even increase risks, by lulling consumers into a
false sense of security about the safety of the devices they buy. more