There's seems to be an army of aspiring CVE bros cargo-culting this idiocy; they pretend to live in a parallel universe where state-sponsored intelligence groups are spending millions to get at the cat photos on their phones.
Obviously the premise that you should just blindly update a device where you have no recourse if the update breaks workflow/functionality/user experience (android, ios) or tries to monetize the hardware you actually own (msft) is prima facie stupid.
There have been quite a few real world examples of malware scanning the internet and just infecting every vulnerable device it can find. Though this mostly only affects things directly exposed like routers or servers.
There's seems to be an army of aspiring CVE bros cargo-culting this idiocy; they pretend to live in a parallel universe where state-sponsored intelligence groups are spending millions to get at the cat photos on their phones.
Obviously the premise that you should just blindly update a device where you have no recourse if the update breaks workflow/functionality/user experience (android, ios) or tries to monetize the hardware you actually own (msft) is prima facie stupid.