From a security perspective, should it not be two-way authentication? I.e. I push a button on the device to be connected and on the hub (potentially via a web interface/app); otherwise it won't connect?
That's still insufficient; given the flawed implementations detailed in the article, a deliberate, legitimate pairing could still be sniffed, leading to the leaking of the security key. This allows a (prepared) attacker to join the PAN and attack its members.
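The point of the reply is that a mutual button press only decides *whether* a pairing happens; it does nothing about what a passive listener learns *during* the pairing. The following is an added example (not code from this thread, from the article it refers to, or from any real PAN stack) that models two hypothetical pairing designs under the same eavesdropper: one where the hub wraps the network key under a default key every device ships with, and one where the two sides first agree an ephemeral Diffie-Hellman secret. The XOR "wrapping", the 16-byte keys and the sample values are constructed for illustration; the DH prime is the 1024-bit MODP group from RFC 2409 (group 2), used only so the arithmetic is real, not as a parameter recommendation.

```python
# Added example: toy model of two pairing designs seen by a passive listener.
# Constructed for illustration; not the behaviour of any named product or protocol.
import hashlib
import secrets

# 1024-bit MODP prime, RFC 2409 group 2 (illustration only).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2

# Constructed sample values: the PAN's network key and a hypothetical default link key
# that every device of this (imaginary) product line ships with.
NETWORK_KEY = bytes(range(0x10, 0x20))
DEFAULT_KEY = b"default-key-0000"


def xor(a: bytes, b: bytes) -> bytes:
    """Toy 'wrapping' primitive: XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def kdf(shared_secret: int) -> bytes:
    """Derive a 16-byte wrapping key from a DH shared secret."""
    return hashlib.sha256(shared_secret.to_bytes(128, "big")).digest()[:16]


def pair_default_key(network_key, default_key, hub_button, device_button):
    """Design A: both sides must press a button, then the hub sends the network
    key wrapped under the shipped default key. Returns (key the device ends up
    with, list of over-the-air messages a listener could capture)."""
    if not (hub_button and device_button):
        return None, []                      # pairing refused: no mutual consent
    over_the_air = xor(network_key, default_key)
    device_key = xor(over_the_air, default_key)
    return device_key, [over_the_air]


def passive_listener_default_key(transcript, default_key):
    """What a listener who knows the shipped default key recovers from a capture
    of design A. The button presses never appear in this computation."""
    return xor(transcript[0], default_key)


def pair_ephemeral_dh(network_key, hub_button, device_button):
    """Design B: same button presses, but the key is wrapped under a secret agreed
    with fresh ephemeral DH values, so the wrapping key is never a shipped constant."""
    if not (hub_button and device_button):
        return None, []
    a = secrets.randbelow(P - 2) + 1         # hub's ephemeral private value
    b = secrets.randbelow(P - 2) + 1         # device's ephemeral private value
    A, B = pow(G, a, P), pow(G, b, P)        # public values, sent over the air
    hub_wrap = kdf(pow(B, a, P))
    device_wrap = kdf(pow(A, b, P))          # equals hub_wrap: g^(ab) mod P
    over_the_air = xor(network_key, hub_wrap)
    device_key = xor(over_the_air, device_wrap)
    transcript = [A.to_bytes(128, "big"), B.to_bytes(128, "big"), over_the_air]
    return device_key, transcript


def passive_listener_dh(transcript):
    """A listener holding only the captured values can try wrapping keys derived
    from those values; none equals kdf(g^(ab)) without a or b. Returns its guesses."""
    A = int.from_bytes(transcript[0], "big")
    B = int.from_bytes(transcript[1], "big")
    guesses = [kdf(A), kdf(B), kdf(A * B % P)]
    return [xor(transcript[2], g) for g in guesses]


def run_comparison():
    """Run both designs with mutual consent and report which one leaks the key."""
    dev_a, tr_a = pair_default_key(NETWORK_KEY, DEFAULT_KEY, True, True)
    dev_b, tr_b = pair_ephemeral_dh(NETWORK_KEY, True, True)
    assert dev_a == NETWORK_KEY and dev_b == NETWORK_KEY   # both pairings succeed
    return {
        "default_key_leaked": passive_listener_default_key(tr_a, DEFAULT_KEY) == NETWORK_KEY,
        "dh_leaked": NETWORK_KEY in passive_listener_dh(tr_b),
    }


if __name__ == "__main__":
    print(run_comparison())
```

Both designs refuse to pair without the two button presses, so the consent step is identical; the difference in what the listener ends up with comes entirely from how the wrapping key is established. Real protocols also need authentication of the DH values (otherwise an active attacker can sit in the middle), which is where an out-of-band confirmation such as a button press or displayed code earns its keep.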