How Do I Change the Password for My Washing Machine? Consumer Reports’ New Privacy and Security Review Standards
Consumer Reports (CR) has long subjected vacuum cleaners, blenders, cars and other consumer goods to rigorous quality and durability testing. Reading CR reviews is a common step for purchasers who value their detailed and unbiased reviews. But until now Consumer Reports’ reviews have not regularly encompassed privacy and security features.
The standard’s elements are loosely grouped into a few overarching principles, including:
- Build with security in mind. There are several components in the security domain, such as secure development practices, password standards, and data security. Evaluators will check for resilience against common vulnerability classes such as Cross Site Scripting, and review any crashes for exploitability by attackers. The software should be updatable, and companies should have a bug bounty program or other way to take security vulnerability report
- Allow consumers to alter, fix and re-sell.
Consumer Reports has asked for comments on the new standard and is hosting it on GitHub where notes and proposed modifications can be shared.