Comment Re:UL (Underwriters) is a private, for-profit comp (Score 1) 114
There are already programs in place. One example: NIST certifies private security testing laboratories to test according to FIPS standards. It's just that nobody is asking for certified products outside of government procurement.
FIPS 140 certification, which I assume is what you're referring to, is almost worthless in terms of determining how resistant to real-world attack a product really is. It would have done nothing to prevent the problem discussed here. Its main use is as a measure of how desperate a vendor is to get government contracts, which is also why no-one asks for it outside government procurement.