"An open database containing links to more than 2 million voice messages recorded on cuddly toys has been discovered, cybersecurity researcher Troy Hunt has revealed."

http://www.bbc.com/news/technology-39115001

So, are IoTs really that insecure?

Security of many of these things is an afterthought, I found this a fascinating read:

https://www.amazon.co.uk/When-Gadget.../dp/0465031382

Relevant here.

The only reason "web connection" is there in these things is to share data with those who wish to buy it.
I'm doing the same on this snooping-piece-of-excrement Android typing this.
"Get with the propgram, nobody cares!".
It's expected that all and any potentially valuable information will be given to corporation in exchange for rubbish.
I'm just glad I'll not have children and will likely not see more than a decade or so.

What worries me is that this is also going into the medical field. Someone who has malicious intent can pretty much kill someone with a pacemaker (may not be net enabled, but bluetooth enabled) - though I am sure other types of devices might have some kind of net connectivity, for example a heart monitor that can be access through the net, if not secured there goes someone's medical info.

Lets not stop there, I am sure some evil person may have already figured out how to compromise even gaming consoles to be used as a bot , so imagine PS4s, Xbox One's and the upcoming Nintendo Switch. It is only a matter of time the net will see another major DDoS like the one saw a few months back. This time it could be even worse though.

Imagine, a hijacked army of printers, webcams, smartphones, gaming consoles, tvs, medical devices gathered for a major attack.

I'm more concerned with the multiplication of voice activated "assistants" for home use. They, by definition, are always on, always listening and cloud connected. The vendors generally point out only meta-data is being stored on their servers however as this article demonstrates, who's to say who has access to their systems ? The other question that always runs through my mind is what kind of meta-data are they collecting and who are they selling it too.

That's irrelevant to both the people producing these things and the people buying them.

Android only exists because so many people (and, sadly, I'm one) have actually allowed such an appalling thing to exist. I do so because I'm gambling on not being alive when these things get worse and I know my data is worthless to advertisers (I know everyone thinks that but with my lifestyle I know it).

We're all complicit in this and we keep on being complicit.

Edit: This post is kept on record for at least 12 months because Chairman Theresa May has deigned that every person residing within the United Kingdom of Great Britain and Northern Ireland is a Paedophile and Terrorist so everything single scrap of data they exchange must be recorded for anybody with even the lowest level of government clearance to see.

Not all...

Well Stallman warned us about this too, and he also stated that it is convenience over the continuous stripping of privacy.

I would be surprised if you hadn't been complicit but I will allow you to judge for yourself.
Which is why we need people like RMS and why I take exception to anybody dismissing Free Software, GNU and the like out of hand -- it's important to us all even if, especially if, we choose to use something else.

*shakes head*