I understand the excitement of the author, but I think they've simply added to the attack surface for very little ROI. IoT security is a HUGE risk, and securing boot and firmware updates is nontrivial. Even the supply-chain can be attacked, where the JTAG programmers are targets. The idea of being able to tune an ML model in the field is something that should be either built into the firmware with a dedicated HTTP port (like most devices do, by adding a lightweight LWIP server for config that is severely locked down), or a specialized App, which is what 99% of user-configurable IoT devices already do.
TL;DR - Webassembly is completely unrelated to IoT provisioning and configuration.
I'm not completely sure your TLDR is a well-founded and fair distillation of your comment.
And your comment itself reads as if it's a skim of the post itself. Yes, IoT security is obviously a huge risk, yet Wasm would dramatically reduce the possibility space of many (but not all) types of attacks.
TL;DR - Webassembly is completely unrelated to IoT provisioning and configuration.