Greater functionality (like loading code through a port) is always paired with potential security issues. Sounds like Apple is addressing them.
It's an interesting demo, but I wouldn't spend a millisecond worrying about it, as long as the machine isn't being physically attacked.
This article’s got me wondering about potential USB exploit vulnerabilities on shared computers at, for example, your local library. My local branch kept having its wifi ID changed by the kids until I showed the librarian how to set the router’s admin password to something other than the factory default.
You’re right about physical access, but most users don’t think that plugging in that new external hard drive they just bought could be a security risk. Back a few months ago when FTDI was threatening to brick machines using counterfeit USB chips, they were concerned with IP and lost revenue from counterfeiters, but the reality is, if a work-alike device can masquerade as a USB controller, it can do other evil things if someone wanted to. Old-fashioned serial and parallel ports had to be polled but starting with USB and now Thunderbolt, it’s a different ballgame.