This is why security guys refer to the “Internet of Things” (small connected devices) as the “Internet of Shit.” Very few of these were designed with security foremost in mind, and some have glaring design flaws, not to mention bugs. They have software that runs them, but it’s typically in firmware, so there is no auto-update. if you are very lucky the vendor has security patches, and if you are very savvy, you are actually applying them, but 99% of the users of these things probably aren’t. Then of course some vendors just go out of business, leaving the devices still running, with nobody fixing anything.
It is really scary when you start thinking about medical devices having security holes, for example. Or someone hacking into your home surveillance camera. Or you car. Not to mention, homes and offices increasingly have a whole bunch of these and if any one of them is vulnerable, that is an entry point for hackers to access your network, and from there they can potentially get to more valuable targets.
