Re: All your pizzas are ours
Indeed, scenarios like this /will/ happen if the security is not properly sorted out /now/, including pre-planned support for later firmware/hardware updates for improving security. This is why I'm loath to buy much IoT kit currently, especially anything which needs a dedicated internet server to be usable.
My internet enabled weather station is my only IoT device and locked down by my router firewall from accessing anything but a single weather site on the internet.
Possible exploits for IoT devices may include:
* a central heating system which chills or cooks you, or deliberately wastes energy while you are out.
* a washing machine which is programmed to badly wash or dry your clothes, even ruin them.
* a tumble dryer which is programmed to waste energy, ruin your clothes, cause other damage or a fire.
* a cooking appliance which is programmed to ruin food, waste energy, cause other damage or a fire.
* an internal sensor(s) used or appliance programmes used to detect when the best time is to steal stuff from you or just spy on you for other nefarious reasons.
* an electronic lock(s) which is hacked to let thieves or other nefarious people inside.
* an appliance becomes unusable because your appliance wireless, IoT hub, router or broadband is broken, or had a hacked firmware update..
I'd need a seriously good reason to allow any device which uses UPnP or manually open internet ports, because that could easily become a massive security risk!