The UK has the answer to all our IoT problems: banning bad default passwords. Additionally, the new UK law requires device makers to provide contact info for vulnerability disclosures, as well as a requirement to advertise vulnerability fix schedules. Is this going to help the security of routers, cameras, and other devices? Maybe a bit.
This is a companion discussion topic for the original entry at https://hackaday.com/2024/05/03/this-week-in-security-default-passwords-lock-slapping-and-mastodown/