Would you buy a video surveillance system that randomly cuts out for indeterminate amounts of time to install updates? Updates are also a reactive approach, patching the boat after it's sprung a leak. It should be easier to deploy proactive exploitation mitigation techniques, like containers, policies, privilege separation and so on. SELinux is great, but writing policies for a new service is asking a bit much. Mobile operating systems (Android, iOS) are off to a good start, the technologies just need to be more readily available.