But why? Is it because we don’t have consent from companies to try /check whether they are secure? If so who protects customers from weak doors? or shareholders?
Weak doors is fun comparison. Imagine if someone regular found homes locked by Masterlock locks. And then riffled through everything just to see if they are sufficiently secured. Then reported to owners asking for security bounty...
I doubt that would go down very well, neither would it if you did that with businesses instead private home.
CEO was once annoyed with me while I worked IT (we handled facilities/security, too; was <100 employees) for testing how the camera worked for detecting human presence inside dev & design's room to unlock the double glass doors (for fire safety reasons, you must allow unrestricted exit). It acted like it was based on size of object in motion; if so many pixels were in motion from last frame, it triggers unlock without any other testing on if that object is a human.
It wasn't enough to just shove a folder through the gap of the doors; you had to ensure the folder opened up as it was falling, changing more of the pixels to get to the trigger threshold. It took me around 5 minutes to get it to consistently trigger. CEO was displeased dev & design team now knew how to bypass the door lock from the outside; he wasn't going to pay to fix it.
Maybe best to internalize Have It Your Way like BK's teams did.
I doubt that would go down very well, neither would it if you did that with businesses instead private home.