White House cyber-general says US must be able to cyber-nuke the worst of the cyber-worst

Paul Crawford Silver badge

+1 for that.

Really, the note about UL is the only sane thing but it misses the point - there is a need for standards of software/systems not being shitty that are legally enforced. If your kit fails the UL standards then AFAIK you can't sell it in the USA/Canada and if you do you can be prosecuted.

We need something similar for software: a requirement that best-practice (e.g. MISRA coding standards, etc.) is used when writing it and the security aspect is properly considered, and finally that timely bug-fixes are provided for free (i.e. covered by the initial sales cost) and are practical to install for 5 years or so after the product family is last sold. Some legal stick is also needed, e.g. making the supplier liable for the consequences if not patched effectively after say 30 days of a vulnerability being reported, and obstructing security testing/auditing of your products to be illegal.

Yes, I know that costs money to do, but if it is a requirement on ALL businesses then doing it right is no longer a cost-penalty compared to the shitty state we currently see.
