The seal of approval is implied though. They're carrying it in what is effectively their "store." If you bought something out of a Best Buy and it turned out to be full of malware, you'd go back to Best Buy (justifiably) pissed off, and in my mind Best Buy just throwing up their hands and saying "Well we carry a lot of products, we can't check everything" isn't a very good answer.
True that, but we're not talking an installed SSL cert buried in the system, this guy found it by opening the page and clicking view source. Not exactly well hidden.
Yeah, all you have to do is order a camera from a third party seller, open the box, power everything on, visit the admin page, view the source, and then Google the domain name used in what looks like an ad tracker at the bottom of the page.
