One - shit obviously happens in closed source world, Windows has a looong security history for instance. Security by obscurity is not something that will work.
Two - if you are so much afraid of IoT, just don't plug your toaster to your WiFi. If someone does that, they open themselves to sliced bread attacks on their own peril. You are not forced to do so.