Yep, the manufacturers/software producers/etc. of ALL these things and the government are the spys, etc. and they just access these things with already built in access points, etc. so they don’t even have to “hack” into them like hackers would.
Absolutely. The app makers themselves are the danger. And their own security is not up to par so they get hacked instead and in turn your information/security/access indirectly. So the real problem is not being hacked directly, but indirectly through the services themselves as the conduit because they have open channels.