Seems overblown. They said crypto, gaming, gambling, advertising, and marketing sites were the biggest targets. Not exactly critical stuff.

As far as botnets… Let orgs or agencies either patch the devices or disconnect them. Seems like there should be an agency that scans for problematic devices and takes action automatically.

It’s a sad development, but inevitable. Eventually you can’t discern malicious traffic and real user traffic, I’m pretty curious as to what will happen then

I kinda like how tor has done a proof of work before a request is acceptable