Re: @ Trevor
I'd guess at automated probes back, followed possibly by throwing a few exploits at whatever you detected
Nope. Nope nope nope. That is illegal on so many different levels I just...that's a great big huge bucket of nope.
"Incidentally, I've been hatching evil plans to get at your bombproof "networked product" factory ever since you mentioned the concept; favourite so far is build the nastyware into the case."
Why bombproof? Hardware is cheap and cheerful. Source from multiple suppliers. Write your own firmware. Have it checked by teams in different countries and foster some spirit of competition between them.
Expect that people will try to compromise your hardware (building nasties into the CPU/ASIC?) and try your hardest to write stuff that will detect it. Shut down if required, work around if possible. Have network gear that doesn't trust what's attached; always look for suspect traffic, etc.
No single point of failure. Not even in your supply chain. Someone bombs your motherboard factory? That's why you source from multiple places! Etc.
Biting the hand that feeds IT
