While it's a good idea, I can't see it getting traction for a long time.
*lots of rebranded Chinese tat won't use it
*Philips et al might look into it as a "social responsibility" play but will drop it because
**it's hard
**Nerd is needed to implement it
***X and Y don't use it, why should we.
I have a lot (100+) IoT devices in my home. Where I can't run custom firmware on them I run them in isolated networks.
For one which "had to phone phone" I did a MITM "attack" and feed it back 303 and black-hole it. It's happy :)
Options? When thin margins are pushed, there are very few options...
Biting the hand that feeds IT
