I don’t disagree with you per se, but software development is error prone and we are talking about traffic from trusted networks (if you’re on a “public network” — to use Windows terminology — then UPnP behaves very differently).
My point is: it’s very easy to post on message boards like this about what best practices should be when reviewing fuck ups from other companies. While at the same time ignoring the fact that we fuck up plenty of times ourselves too. In an ideal world software engineering would be held to the same rigour as other forms of engineering. But when software fails people don’t (usually) die. So what happens is developers end up getting overworked, given unrealistic deadlines and have to fix problems with software updates. Those kinds of scenarios will breed bugs like the aforementioned. So yes, you’re technically correct — but only in a universe that doesn’t have our current tech culture.
This is why I’m a little more pragmatic about my criticism.
This looks like a trivial low-packet-count DoS on every Windows machine on the network.