[reaperducer]

People like to shout "cryptobotnet!" every time someone questions the need for absolute security with devices connected to the internet.

You might get 2¢ in about 40 years mining with my IoT light bulb. Good luck with that.

[margalabargala]

There are plenty of reasons not to want your IOT bulb to be insecure that are unrelated to people mining crypto.

A pwned IOT lightbulb can be used to help DDOS sites. It can relay DDOS traffic, eating your own bandwidth. It can be constantly probing the other devices on your network looking for vulnerabilities, until it pwns something else and is able to slurp down your passwords and credit card numbers.

Are you seriously suggesting that having an actively malicious computing device inside your home network is no big deal?

[elabajaba]

If it has a camera, it can be used to steal your security keys if it can see the power LED on your device (or potentially even just if something connected to your device has a power LED).

https://www.nassiben.com/video-based-crypta

[reaperducer]

Fortunately, none of my computers have power LEDs. Also, I don't live in a nuclear weapons facility where I need "security keys."

[two_handfuls]

Security keys are a software thing, not a physical thing like in movies. They are used everywhere, like in ssh or OAUTH.