In my opinion, progress in that domain should come in the form of mandatory warnings to end-users when selling technologies that do not meet acceptable standards.
A big warning on the package would be enough to turn away average users - thus forcing companies to comply - but wouldn't interfere with hacking activities.
A big warning on the package would be enough to turn away average users - thus forcing companies to comply - but wouldn't interfere with hacking activities.