While it's ultimately going to help to shame vendors regarding their poor security practices, it's really irritating and unfortunate this is all being framed as a Supermicro issue. How about the other companies in the same market space, like Tyan, that I'm sure are no better? For that matter how about the "Tier 1" OEMs like Dell and HP - how well-written are their BMC firmwares?