Except the SDK manufacturer won't list affected devices or even device manufacturers. It boggles my mind how this is an "acceptable" (i.e. in that nobody is taking them to task about it) response.

As long as the buyers are actually paying a fair price for them given the amount of water they are taking to grow as water supply is reduced.

>The best way to protect yourself from this vulnerability is to keep your device software and applications updated to the latest version

And I wonder how many such IoT devices are simply not upgradable and/or have already been abandoned by their manufacturer.

And on that note from an article: https://www.fireeye.com/blog/t...: "Mandiant is unable to determine a complete list of products and companies affected by the discovered vulnerability".

How convenient for them and their customers. How inconvenient for the end-users of such un-up-gradable and/or abandoned devices that will never ever know that they are vulnerable. Mandiant needs to be fined/sued into the ground unless and until they provide a complete list of devices. Whatever effort that takes them.