Well if you are in the business of running any arbitrary user uploaded/controlled stuff you might wish to verify that said stuff didn't acciddentally/maliciously manage to escape your 'secure' sandbox and backdoor the host OS, quite possibly because the crap was so broken that 27 different botnets 1 crytolocker scam began to call your machine/VM/container 'home' within 5 hours of it booting up...
... And when it comes to that, once you are in that line of work then you start to wonder just how feasible the scenario is and just how many threats are actually credible. And once you start looking you see things you cannot unsee, and a certain measure of paranoia/depression/substance abuse is the natural expected end state -- which also primes you for this kind of programming work.
At which point you might as well try to make the world a slightly less terrible place for early boot security.
Re: Point?
... And when it comes to that, once you are in that line of work then you start to wonder just how feasible the scenario is and just how many threats are actually credible. And once you start looking you see things you cannot unsee, and a certain measure of paranoia/depression/substance abuse is the natural expected end state -- which also primes you for this kind of programming work.
At which point you might as well try to make the world a slightly less terrible place for early boot security.