Re: It would seem
The consumer devices should accept by default only private network addresses, i.e. from 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16. The restriction should then be removed once the user is able to change the default password to something non-trivial. Telnet and other services (such as UPnP) except HTTP (redirected-to-HTTPS) should be disabled by default.