This is a fair point, but I find that in practice I usually need something more like a probability assessment to act on, or better information about mechanisms.
Disambiguating information such as 'the flash component reloading normally occurs under condition X and Y, you guys may have been compromised but you'll have to decide if that's more plausible than X or Y' or technical constraints like 'to pull off exploit delivery that way an attacker would have to P, Q and R. If they did it should leave traces in S which you could try to check by doing T' would be a real help.
I'm certainly not disagreeing in theory with taking a pessimistic view on the security of any networked machine, but unfortunately that's way too restrictive as basis for action in most situations.
Disambiguating information such as 'the flash component reloading normally occurs under condition X and Y, you guys may have been compromised but you'll have to decide if that's more plausible than X or Y' or technical constraints like 'to pull off exploit delivery that way an attacker would have to P, Q and R. If they did it should leave traces in S which you could try to check by doing T' would be a real help.
I'm certainly not disagreeing in theory with taking a pessimistic view on the security of any networked machine, but unfortunately that's way too restrictive as basis for action in most situations.