• scrion@lemmy.world
    link
    fedilink
    arrow-up
    18
    arrow-down
    1
    ·
    3 months ago

    There is definitely a difference in quality when talking about import software.

    Also, “outlawing vulnerabilities” would not mean to simply assume everyone starts making perfectly secure software, but rather that you’re fined if you can’t prove your processes are up to spec and you adhered to best practices during development. Additionally, vendors are obliged to maintain their software and keep it secure.

    And surprise, surprise, the EU ratified laws that do exactly that (and more) recently. In fact, they’ll be in effect very soon:

    https://en.m.wikipedia.org/wiki/Cyber_Resilience_Act