Lots of home automation devices use Bash too which was recently discovered vulnerable. The technology really isn't there yet (no unified standard, etc. etc.) and I'd avoid anything that directly connects to your router for automation. Nest looks sweet, but I'm sure it's going to be a total nightmare for the owner if it gets hacked.
We've had pretty good results using mesh networked zwave devices hooked to a security panel reporting through alarm.com. But still, it's got a web login and I use a username/password, so it's as vulnerable as anything else.