IoT devices are notorious for weak designs, insecure implementations, and a lifecycle that mostly ignores patching. We look at external factors that might lead to change, like the FCC's cybersecurity labeling for IoT. We explore the constraints that often influence poor security on these devices, whether those constraints are as consequential given modern appsec practices, and what the opportunities are to make these devices more secure for everyone.

Segment resources:

• https://www.fcc.gov/document/cybersecurity-labeling-program-internet-things-iot-products

Show Notes: https://securityweekly.com/asw-297