The question now is not what they have done, but what they have done to fix it?
Are they now trustworthy or not?
The Federal Trade Commission (FTC) has announced a settlement with smartphone-maker HTC over complaints that its handsets are riddled with security failings, and the government watchdog says it will check on compliance for ... wait for it ... the next 20 years. The FTC complaint claims that when HTC customized Android and …
My HTC phone sucks them regularly due to its crap software, so being full of inviting orifices for those indulging in nefarious activities comes as no surprise.
Really, why is crap security not an issue that has a basic legal basis by now? I know you can never be 100% secure/safe by design, but so much of today's products (generally the software, but not always) are pushed out as utter crap with hope/promise/day of unicorns coming that things will be fixed.
It is about time that security should be an automatic liability unless the supplier can show (with a straight face) that reasonable care and good practice has been followed in the design, implementation, and testing of the product.