By the look of that they're simply complaining about the character length ("The advice followed a Which? snapshot investigation which found that hackers could access to home networks and connected appliances in as little as four days.")
The older hubs use 8 characters and the newer hub 3.0 uses 12. Both are comparable in complexity and have WPA / WPA2 protection - not WEP. WPA isn't fast to crack. To quote something about crack time
"(a) a standard desktop CPU can do roughly 1000 passwords/second. (b) a desktop GPU (graphics processor) can do roughly 80000 passwords/second, or 80 times the speed of a CPU, or 30 days to crack your hypothetical password (c) a cluster of 8 GPUs is 8 times the previous number, or 8*80000 or 640k passwords/second, or 4 days to crack your hypothetical password (d) Amazon EC2 uses older/slower GPUs"
You aren't going to find an Amazon cloud data center in your front yard. If a 'hacker' was trying to pop someone's WiFi, they would be doing so sat in their car using a laptop (low powered compared to a desktop.) And they'd be there for a very long time (month+, in short they wouldn't bother when they seen it wasn't running WEP.) 8 to 12 character WPA/WPA2 passwords on WiFi are a standard.
I'm not sure how Which was performing their tests, but it certainly wasn't putting an Amazon data center in peoples properties and illegal trying to pop the WiFi.
+Add: You could make comparison articles about any other ISP using similar length WPA/WPA2 passphrases. Looks like a nice little scare article based upon what you can theoeritcally do if: 1) if you can get Amazon to put a data center in someone's front/back yard and 2.) have Amazon agree it's there to hack that person's WiFi and 3.) hope the person doesn't notice the data center on their property...
Their's a line between feasible unfeasible and that article crosses it into unfeasible.
- - - - - - Any opinions expressed by myself are entirely my own and do not represent Virgin Media in any way.
The study, carried out in conjunction with ethical security researchers SureCloud, tested 15 devices -of which eight had security flaws.
In one case a home CCTV system was hacked using an administrator account that was not password protected. Hackers were able to watch live pictures and in some cases were able to move cameras inside the house.
A spokesman said: "The security of our network and of our customers is of paramount importance to us".
No mention of enabling "Wireless MAC Filtering" under the advanced settings/wireless/primary network of the hub, telling the hub to ignore any device trying to connect that's not in your filters list? Or is that option useless in this case?