At least it appears this "exploit" was done in the aim of research, not harm. I'm all for raising awareness of our internet-wide vulnerabilities, but I'm also a bit leery when I find out about things like this after the fact. It's like saying, "Guess what, you were one of our 420,000 mice in our experiment and you did just great!"