I don't understand this logic at all. The fixes are being made for a reason... avoiding the update just means you are getting more performance for a less secure system. Are you betting on a law of averages to break in your favor? Hoping you're not a target of hackers? what am I missing with this strategy?
The OP doesn't seem to suggest that they won't update, just that there is a considerable price to be paid in doing so.
> Are you betting on a law of averages to break in your favor? Hoping you're not a target of hackers?
Aside from anything else, I wouldn't be at all surprised if some people do take this gamble. They shouldn't, but if they're informed about it then it's in their own hands.
All of these issues require local execution. It’s perfectly fine for many single user, performance critical use cases to make this type of security trade off.
It wouldn't be the first time that a buffer overflow somewhere led to arbitrary code execution. What we're patching is a mechanism that allows escalating from unprivileged execution to reading kernel memory, and a mechanism that defeats KASLR
Just that I could be looking at a > 75% performance reduction on the same phone compared to when it was new due to the combo of battery degradation, security fixes and ios9 to ios11 general slow down.
I think that if they've disabled some cpu core features that might reduce the maximum power loading anyway and make the double whammy impact of security and battery related slowdown unnecessary.
