Don't forget the biggest botnet being ASUS who didn't disclose the scanning... or whatever else they happen to be doing without the explicit consent of the owner.
Issues like this don't happen across such a wide area by accident.
Basic professional practices have any updates tested beforehand on physical hardware at multiple stages before any push happens, and they leave it up to the user because pushing an update without the owner's explicit consent to a device they own, runs afoul of the same hacking abuse laws. The legal exposure is massive.
It also doesn't account for the fact that firmware was attempted to be updated on devices which were set to not update. ASUS has a lot to explain. They didn't release any kind of statement so the lawyers and computer forensics people will likely need to get involved to get to the bottom of it.
I look forward to eventually hearing about what really happened.
Issues like this don't happen across such a wide area by accident.
Basic professional practices have any updates tested beforehand on physical hardware at multiple stages before any push happens, and they leave it up to the user because pushing an update without the owner's explicit consent to a device they own, runs afoul of the same hacking abuse laws. The legal exposure is massive.
It also doesn't account for the fact that firmware was attempted to be updated on devices which were set to not update. ASUS has a lot to explain. They didn't release any kind of statement so the lawyers and computer forensics people will likely need to get involved to get to the bottom of it.
I look forward to eventually hearing about what really happened.