This is a very good point and I use firewalls and other segmentation on my local LAN because security is so lose and cannot be considered a "place of implicit trust." Unfortunately smartphone don't natively support firewalls or iptables, but everything else that does is configured, and my LAN topology is not flat.

This is the best comment. What I'd like to see is a home micro-segmentation product like Tetration or Illumio to prevent lateral movement, but I'm a fucking paranoid nerd and like you said, most users leave default router passwords without updated firmware.