This is, to a large extent, scaremongering. While there are some valid points made in the article, the article fails to differentiate between security problems that can be exploited by trolls or single, untrained individuals, and ones that take a powerful team working on behalf for a government or other such group to exploit. It's the difference between the hospital being defended against your average thief, and being defended against a strike squad of ninjas. Despite this, the article does make good points when it comes to the lack of worry about the problems they found. Even though these vulnerabilities may be over hyped, they are real and the lack of focus on these vulnerabilities is chilling. The real underlying problems for this stem not from an industry that leaves bugs in applications designed for high security, but in the fact that the industry doesn't realize that security needs to be the default, whether or not you see exploits being used.