Thanks! that is the great thing about feedback ha ha. Obviously the HN crowd are going to be more wary of this.
But even if they weren't, in general you want to assume you will be hacked, and then based what permissions you ask for based on that assumption. I.e. be secure, and use principle of least priveledge, even if the users don't care. This is why I try to get out of having admin permissions to things at work :-) </rant>
A lot of IoT security problems has that combo of vendor and consumer both not caring/understanding/being aware of security issues.
But even if they weren't, in general you want to assume you will be hacked, and then based what permissions you ask for based on that assumption. I.e. be secure, and use principle of least priveledge, even if the users don't care. This is why I try to get out of having admin permissions to things at work :-) </rant>
A lot of IoT security problems has that combo of vendor and consumer both not caring/understanding/being aware of security issues.