Re: Is it just me who is secretly applauding this...
We've seen this movie before somewhere...
The difference that i can see here is that PCs were never set and forget concepts. They had service packs, antivirus definitions and the like. But who, when purchasing their next light bulb, is thinking "how do I apply security patches? Whilst i don't condone vigilante hacking, it's hard to feel sympathy for an industry that has produced so much crap security with bad practices even at a 101 level (hard coded passwords, missing even basic user permissions, running unnecessary daemons with root access, the list goes on). Maybe some bricked returns will score some pretty rubbish eBay/Amazon reviews and will ward off bricks and mortar retailers from stocking such products. The iot industry (and I include car manufacturers here) need to understand that software isn't an engineer and forget enterprise, and if they can't learn the lessons of that industry then pull back and sell regular light bulbs/door locks/cameras/cars/whatever until they do learn those lessons.
I'm not hopeful though. Best security practice starts with collect as little data as you need to function, run as few services as is needed to accomplish that task, and run those services with as few rights as possible. This is the very antithesis of iot.
Biting the hand that feeds IT
