The devices that will be an issue going forward will be the hard coded ones ... termed incurable. That bodes well for B4x in that we can code (and patch) custom devices as vulnerabilities appear.
That may be fine if you have 2 or 3 devices that are hacked, but we are taking about tens of millions of devices supposedly hacked at the same time. How are you going to update them when the DNS is down?
The solution is to harden the software (as much as possible) so it can't happen in the first place.
1) If you have 20 million apps out there with a B4A app controlling a camera or some other IoT device, how do you prevent it from happening to you?
2) Do you issue 20 million SSL certificates, one for each device when the device is sold?
3) How to you prevent your app from being hacked?
4) If you don't hard code your SSL certificate in the app, where do you put it? How do you secure it?
It would be great if someone could sell/distribute 20 million B4A apps, but not so great if they wake up the next morning to discover it was hacked to take down the Internet. ROFL