I’ve not looked at these in a while. I would expect that Google/Nest would do a better job of security, but…
…Google has a history of product abandonment. These rely on a central server for many features. A responsible design would have essential services rely on that central server. The question then becomes “essential to whom?” Many of googles services are designed to keep you dependent on them. Past cases of abandonment have bricked what would seem to be otherwise network-independent services.
I’m a cranky old fart. I’m relieved my car uses a mechanical key lock and has no known remote hacks. I’m also glad I don’t use any highly theftable Kias or Hondas that the manufacturers refuse to fix.
The fact is that all of these features increase the attack surface. Whether the convenience offsets the increased risk is a personal decision.
Features you don’t or rarely use still increase the risk if they can’t or aren’t disabled. I do observe that once the “new is rubbed off” most folks seem to not use the majority of of these features. It’s usually easier to fiddle with keys than to authenticate on a smartphone. It even seems rare that any of them are used in the long run due to limitations on their practical use.
I’ll wait until they are clearly mature and the security issues and advantages are clearer and more stable.