Another workaround is to not let anyone touch your computer (unless you trust them) because you need to have access before doing anything. This is a ridiculous bug, but it's not easy to exploit remotely.

It's a strong indication that the code they are using to manage login is too complex and needs to be simplified.

Let's pray for a drought in California.

How much do you want to bet within five years people will be wishing for Flash back, because it was so much better than what we end up with?

IF they truly are internet accessible, then I've mapped them myself. zmap is great.

Blackhats do research, too.
Researchers are sometimes unethical.

ethical and illegal are two very different things. An ethical person will do illegal things, if they are the right thing (like Snowden. Super illegal). Don't let the illegality of it confuse you. What they are doing is dangerous, but finding mistakes and letting the world know is the ethical thing to do.

The unethical ones in this situation are the companies who released their code without a security review. Those managers didn't give the programmers (or QA) extra time in the sprint to test for security bugs.

If you want a good ISP you need to use DSL, where there are plenty of competitors.

This is strong evidence that lack of competition is the worst thing right now in the cable ISP world.

After heartbleed, security researchers realized you could give a vuln a catchy name and a cute logo and it would get a lot more attention.

Since being a security company is more a matter of marketing than skill (in a great many cases: look at the most popular anti-viruses), once the white hats realized that, they did it more.

Yes, yes I would.

Also yes.

We have entered the era of the glorification of the consumer. All you should do is consume, and feel happy about it.

Not because they care about you. Because the consumer can be monetized.

Easy. Companies should be liable for gross negligence. Things like default passwords haven't been best-practice for a decade now.

Leaving the telnet port open has been a bad idea for a long time.

Yes. Sometimes the bug is hard to stop, but sometimes it's a clear case of negligence. The manufacturer just doesn't care.

It depends on the problem, right? Imagine you want to kill me, and I want to kill you. There's no way to solve that problem equitably. Now realize this is a problem that people in the real world face. Erdogan had a coup attempt against him, and Assad has half his country wanting to kill him. His solution is to kill them first, which thus far has been effective. Then of course ISIS just wants to kill nearly everyone. In fact, they believe it is the will of God, and he is on their side.

Dialogue is not always an option, and even when it is, sometimes lawsuits work better which carries the implied threat of violence (from the state).

It's older than that, mate, read history. "Barbaric" outsiders have been invading "civilized" areas for as long as cities have existed. And the 'civilized' folks have always talked about it in terms similar to yours, with nothing but disdain up until they are destroyed.

It's an old cycle.