This guy is a hero. He bricked vulnerable device before they could be used for DDOS, or worse. And he did it at great risk to himself. I say well done.
The one point I disagree with is blaming the consumer. The simple truth is that security protocols have terrible UX, and until that improves nothing will change. Personally, I think it's time IoT was regulated and, in particular, we require a secure protocol at the time of deployment: IoT devices must be provably wiped, and then put into physical contact with an "owning" device before deployment. This, in turn, requires that people start using what I call a "Home Brain", a device who's primary purpose is to coordinate and secure all other devices that you physically own. I imagine simple versions to be as sophisticated as a router, and hackers might want to put together their own, something like a little home theater box. I suppose in a pinch your smartphone could work, too.
The one point I disagree with is blaming the consumer. The simple truth is that security protocols have terrible UX, and until that improves nothing will change. Personally, I think it's time IoT was regulated and, in particular, we require a secure protocol at the time of deployment: IoT devices must be provably wiped, and then put into physical contact with an "owning" device before deployment. This, in turn, requires that people start using what I call a "Home Brain", a device who's primary purpose is to coordinate and secure all other devices that you physically own. I imagine simple versions to be as sophisticated as a router, and hackers might want to put together their own, something like a little home theater box. I suppose in a pinch your smartphone could work, too.