Re: Is it the manufacturer or the consumer that has "no idea"?
Totally agree; and even if the consumer has a really good level of knowledge, who has time to examine every device they own for security vulnerabilities? And you'd have to re-check after every update in case the manufacturer has added a "helpful feature" that includes a new vulnerability.
The industry needs to have one, or more, independent testing and certification agencies that consumers can use as a guide before purchasing; certified devices might cost a little more, but should give consumers the confidence that someone independent of the manufacturer has looked at the security aspects of a device.
The current "race to the bottom" is certainly delivering low prices, but at the cost of poor security.