We have to do risk assessment whenever there is a firmware upgrade or wherever there is a CVE against such software or hardware. By purely pragmatic reason, people agreed that it’s actually a lot more expensive. We have to keep doing systemic risk analysis, every upgrade. Such a value-based conversation is not actually ideological.