A bad idea comes back around, this time applied to the Internet of Things. The notion of a bit of self propagating code that defends instead of attacks is arguably as old as the Internet. It is never a good idea given the huge space of unintended consequences from unpredictable interactions with existing software to simple bugs exposing affected devices even more so than untouched ones. It is always better for devices owners to be aware of updates to their devices, ideally through a known and trusted mechanism.
ExtremeTech thankfully gets one of the risks of a well intentioned worm right, namely that we honestly don’t know what it may do. Hajime at a minimum blocks vectors known to exploited by the more well known Mirai malware that converts unprotected IoT devices into botnet nodes. Even if a white hat truly wrote Hajime, I don’t see how it produces the right pressures on industry, to do better at security, at a minimum ensuring devices are field upgradeable via a secure channel.