so wait, you are unhappy that we can setup our own OS on that thing? And to fix that, you are proposing to *restrict* the software you can run on it so that you can't modify it... that doesn't keep cisco routers from getting owned, or any other proprietary device from getting hacked, as far as i know.
there are litterally millions of home routers that run a "limited set of well documented functions" that are regularly abused for DDOS attacks to a complete port scan of the entire internet. and there are hundreds of people trying to fix those machines in various ways, either by reverse-engineering the hardware and installing free software on it or by just fixing the proprietary crap that's shipped with those. at least this machine starts on the right foot: it ships with free software and allows you to run your own.
any machine comes with its own foot shooting device, whether it is its openness or the false feeling of security that it's fine black box that will never fail and never need to be upgraded.
not understanding and not being able to fix a device isn't a advantage in security, i thought we agreed on that...