Like i said you are not understand. Look at heartbleed. Look at Samsung keyboard exploit. All were patched without carrier two way street deal you are talking about. It's a critical security patch which carriers are always hands off on. They do not want to be held liable for any damages that occur.