by stephengillie 2787 days ago
We need an internet of firewalls. I dislike tech legislation, but sometimes I think all networked devices should be required to have an internal firewall.

Many of these devices have to listen for something. mDNS, HTTP, printer, etc. Having a firewall does nothing when you have to open up the ports that are being exploited anyway.
Well, they don't need to listen to everyone that knocks. I'm sure we would be delighted when devices would only talk to clients with valid certificates from the vendor, right?

Edit: disclaimer: I work for Google, but my only contact with the home ecosystem is having a Chromecast.

Would we? The next thing that would happen is those certificates would end up inside secure chips, and suddenly the only way to talk to an IoT device would be through an official vendor's app, over an official vendor's bridge. No thank you. Turning physical products into services is not what I want.
This reminds me of a product idea I had a while back - a sandboxed WiFi router that plugs into your existing router. When you set up your IoT devices, you point them to the sandbox. I figure this already exists, and nobody cares.
I'm somewhat surprised that home router manufacturers haven't started shipping models with a built-in IoT guest network that has its own VLAN.

Incidentally it's concerns such as those raised in the article that drove my decision to use zigbee or z-wave devices for my HA setup where possible.

Some do. I just set up a Ubiquiti AmpliFi, which has a guest WiFi feature.
MikroTik can do this as well, though in typical fashion for them, it takes a bit of work to set up.
Guest WiFi usually uses a captive portal, I think. I don't think that would work with something like Google Home, which expects to have internet access right away AFAIK
Naive question: would it be realistic to filter who gets to talk to whom, on which protocols, at the router level?

I guess basic rules could be set up, but would there be a higher-level way for that kind of orchestration?

A much better LAN firewall will be needed; it can also mean you can easily get rid of one-to-many NAT with IPv6. It would have to be self-learning for any hope of adoption by the mass market.
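The separate IoT VLAN suggested earlier in the thread and the question about filtering "who gets to talk to whom, on which protocols" at the router both come down to a zone-based forwarding policy. The following is an added example, not code from the thread or any of the products mentioned: it models such a policy in Python, evaluates it against constructed sample flows, and renders the same rules as an nftables forward chain. The interface names (lan0, iot0, wan0), the port choices and the sample flows are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Flow:
    src: str    # ingress interface / zone, e.g. "iot0"
    dst: str    # egress interface / zone, e.g. "lan0"
    proto: str  # "tcp" or "udp"
    dport: int  # destination port


@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any port
    action: str = "accept"

    def matches(self, flow: Flow) -> bool:
        return (self.src == flow.src and self.dst == flow.dst
                and self.proto in (None, flow.proto)
                and self.dport in (None, flow.dport))


# Zones are interfaces (assumed names): lan0 = trusted LAN, iot0 = IoT VLAN,
# wan0 = upstream. Anything not listed falls through to the chain's default
# drop, so IoT -> LAN is blocked even without a rule; the explicit drop at the
# end only documents the intent.
POLICY: List[Rule] = [
    Rule("iot0", "wan0"),                 # devices may reach the internet
    Rule("lan0", "wan0"),                 # trusted LAN may reach the internet
    Rule("lan0", "iot0", "tcp", 80),      # device web UI, from the LAN only
    Rule("lan0", "iot0", "tcp", 631),     # IPP printing, from the LAN only
    Rule("iot0", "lan0", action="drop"),  # nothing initiated from IoT to LAN
]


def evaluate(flow: Flow, policy: List[Rule] = POLICY) -> str:
    """First-match evaluation with an implicit default drop."""
    for rule in policy:
        if rule.matches(flow):
            return rule.action
    return "drop"


def to_nftables(policy: List[Rule] = POLICY) -> str:
    """Render the policy as an nftables forward chain with default drop.

    The conntrack line lets replies to accepted connections return, so an IoT
    device can answer an HTTP request from the LAN without any IoT -> LAN
    accept rule.
    """
    lines = [
        "table inet iotfw {",
        "  chain forward {",
        "    type filter hook forward priority 0; policy drop;",
        "    ct state established,related accept",
    ]
    for r in policy:
        match = f'iifname "{r.src}" oifname "{r.dst}"'
        if r.proto and r.dport:
            match += f" {r.proto} dport {r.dport}"
        lines.append(f"    {match} {r.action}")
    lines += ["  }", "}"]
    return "\n".join(lines)


# Constructed sample flows: what a compromised IoT device might attempt, and
# what a phone on the LAN legitimately does.
SAMPLE_FLOWS = [
    Flow("iot0", "wan0", "tcp", 443),  # cloud check-in: accepted
    Flow("iot0", "lan0", "tcp", 445),  # SMB towards a NAS: dropped
    Flow("iot0", "lan0", "tcp", 22),   # SSH towards a workstation: dropped
    Flow("lan0", "iot0", "tcp", 80),   # phone opens the device UI: accepted
    Flow("lan0", "iot0", "tcp", 23),   # telnet on the device: dropped
]


def audit(flows=SAMPLE_FLOWS, policy=POLICY):
    """Map each sample flow to the verdict the policy gives it."""
    return {(f.src, f.dst, f.proto, f.dport): evaluate(f, policy) for f in flows}


if __name__ == "__main__":
    for (src, dst, proto, dport), verdict in audit().items():
        print(f"{src} -> {dst} {proto}/{dport}: {verdict}")
    print(to_nftables())
```

The model deliberately keeps the IoT zone's only outbound path as the internet and lets the LAN initiate a short list of services towards devices; return traffic rides on the conntrack rule rather than on a broad IoT -> LAN accept. Multicast discovery such as mDNS does not cross VLANs on its own and would need a reflector on the router, which is outside what this forward chain expresses.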