It's most definitely a quantifiable, collective wrong when that choice leads to a total security disaster like the embedded ARM situation. It might not be so bad if they bothered to update their drivers, but they don't even let other people try to do so.
Unluckily, this is true. But there is a central difference: if such a security bug occurs in open source software, you can in principle look for the bug source yourself to fix it and secure your computer against attacks. If it is closed source, this is hardly possible, or often such self-defense is even illegal.