Consumer-grade Internet of Things (IoT) devices, such as low-end routers, IP cameras and other always-connected appliances, have become an integral part of modern life, providing everyday connectivity and digital services in homes and small businesses. However, their affordability often comes at the expense of security. Manufacturers targeting the consumer market prioritise cost and usability, resulting in devices with critical vulnerabilities that can be exploited to gain unauthorised access and steal sensitive data. Tampered devices containing Trojan horses can also be reintroduced into the market. This widespread fragility highlights systemic weaknesses in the IoT ecosystem and emphasises the need for a practical approach to understanding hardware security.