My understanding is that it’s more for logging in industries like aerospace, where it’s imperative to be sure that bolt X was tightened with force Y if you don’t want the airplane to fall apart. Networking isn’t the only way to do this, or even the only automated way, but I guess they didn’t want to have to hook each wrench up to a USB cable at the end of every shift to download its log.

(The comments section on Ars is studded with remarks about Boeing, as you would expect.)

Because in event of a product change all wrenches can be updated immediately via network with all new codes and torques instead of someone having to go through each tool and upload new specs or swap memory cards manually.

It may not make much sense to us, but for a manufacturer it saves time and reduces the number of bodies needed to do the tech work. That’s $.

But of a slippery slope. What else do we need to encode?

A barcode doesn’t have enough bits to be unique and also contain useful information. It’s just a unique identifier that can be used to look up a wide variety of information.

For bolts, it could be metal grade, thread pitch, load ratings, manufacturer info etc

For critical bolts you want a record in a database. See Boeing’s panel scandal for the need for that. Could be a local-only database though

Not an industrial process engineer, so I can’t tell you all the possible reasons, but in general it works out well to assume that people have a reason for why they do stuff, and doubly that you probably can’t do someone’s job better than them with 10 minutes of thinking.

My initial guess would be that you want the system to record “yes, I tightened these bolts”, and then you want that record to have a matching “I inspected these bolts and they were correct” follow-up entry.
My next thought would be what you do if the sticker falls off. In the sticker only solution, you have to look up the part, and then enter the parameters into the tool. In the networked system, you look up the part and then the system programs the tool. Automatic is going to be faster and have less errors. Both of those improve product quality and save money, through time, not having to fix error, or having to dispose of parts that were made incorrectly and can’t be salvaged.

The existence of a vulnerability is very different from the exploitation of that vulnerability.
You fix the vulnerability, but you don’t need to worry too much when a prerequisite is that the attacker has already gained a privileged position in the system.

This is “oof” not “oh shit”.