Not only this, but most US companies do not really have any incentive to focus on security.
On HN there is an echo chamber with the shunning of companies who have experienced incompetence based breaches. Your average consumer does not know (beyond the news cycle) or generally even really care.
I think you can even look at FBI and NSA public service announcements and guides about consumer electronics security as a sort of ''shit this industry stuff is pretty bad we need to think about our goal differently,'' with regards to them trying to pick up some of the security slack that US companies shit out with their products.
The various 3-letter-agencies really are incentivized to help government and industry be legitimately secure against anything short of the sophisticated attacks they themselves can orchestrate
When you’ve got the sort of reach and resources they have, it does you no good if script kiddies or unsophisticated attacks are causing problems and you don’t need the easily preventable attack vectors they’d use.
On HN there is an echo chamber with the shunning of companies who have experienced incompetence based breaches. Your average consumer does not know (beyond the news cycle) or generally even really care.
I think you can even look at FBI and NSA public service announcements and guides about consumer electronics security as a sort of ''shit this industry stuff is pretty bad we need to think about our goal differently,'' with regards to them trying to pick up some of the security slack that US companies shit out with their products.