An anonymous reader writes: ACPI comes from an era when the operating system was proprietary and couldn't be changed by the hardware manufacturer.
We don't live in that era any more.
However, we DO live in an era where any firmware code running on your phone, tablet, PC, TV, wifi router, washing machine, server, or the server running the cloud your SAAS app is running on, is a threat vector against you.
If you read the catalogue of spy tools and digital weaponry provided to us by Edward Snowden, you'll see that firmware on your device is the NSA's best friend. Your biggest mistake might be to assume that the NSA is the only institution abusing this position of trust — in fact, it's reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies.