Anyone who is still using such devices..
There will be embedded devices out there still running ancient versions of linux, and still receiving manufacturer updates. In many cases the OS will have been minimalized to decrease the amount of effort required to update it, which is another advantage linux offers.

The fact that very few people still use such old linux devices is another matter, there is far less reason *not* to upgrade your linux devices - support for existing hardware is rarely dropped, memory requirements rarely go up, there are no huge costs involved etc.

FYI i still maintain several old linux boxes...
One running a 2.4.x kernel, because it's used to control an SGI machine that requires a proprietary kernel module..
Another running a 2.2.x kernel because i use a third party encryption program that was never ported to newer kernels.

Both of these systems despite having old kernels, have relatively up to date userlands and the services exposed to the network are also kept updated.

In the case of XP, clearly the up front costs have long ago been recovered many thousands of times over.

Well that's the whole point, you don't need to provide support indefinitely you only need to provide the code to arbitrary third parties and they can continue providing support if you choose not to.

Look at all the embedded devices out there still running linux 2.4.x (or even older), and still being actively supported by the device maker. If there's a market for something and people have the code - someone will step up to provide support.

So you're violating their terms of service and effectively pirating the content anyway...

And that's one of the biggest problems with netflix and other streaming services... Your limited by your bandwidth, which is also likely to go down during peak times (ie when you want to watch), and heavy use streaming means you can't do anything else on the connection either because its too slow or because your activity would cause the stream to stall.

I want a service where i can download and watch later, i have limited peak time bandwidth usage and unlimited late at night, at night the network is less congested therefore faster and i'm generally asleep so i don't care if it makes the connection laggy, and downloads are not hampered by fluctuations in performance.

With a downloaded file i can take it offline to watch somewhere i have no or poor connectivity, once the file is downloaded i can watch it knowing there wont be any dropouts, i can download overnight in whatever quality i want , even a 1080p movie will be finished by the morning on a 5mbps connection.

Streaming is often utterly impractical at the times you most want to watch something, eg:

on a train/bus/coach/car - the motion makes 3g slower, tunnels make it drop out entirely as does travelling in/out of service areas...
mobile data is often expensive...
abroad - roaming data is even more expensive
wifi is not always available, and even when it is sometimes its unusably slow and you trying to stream only compounds the problem...

On the other hand, a usb stick full of stuff you downloaded the previous night works very well in all of these situations. I travel a lot, and frequently find myself sitting around bored waiting for something, while having poor or no internet connection.

Almost always better to use a loop, a good compiler can unroll the loop if doing so would be beneficial and unless your targeting a single specific device, what's most efficient will depend on the hardware - eg a large unrolled loop might be slower if the loop is too big to fit in the cpu cache, and the unrolled loops increase the memory usage of the program which may be detrimental depending on the speed and quantity of memory etc.

On the other hand, the likelihood of this vulnerability actually being exploited is quite low for quite a few reasons... Primarily, because it requires that you first install a malicious app and then upgrade to a version of android which actually implements some new permissions...

1, very few users ever update (or even have updates available)
2, manufacturers will sometimes patch android but usually not provide updates to whole new versions and the small incremental patches wont introduce any new permissions
3, now that this issue has been discovered its highly likely that future updates will contain a fix for it, and users are unlikely to update to a version that isnt the latest available for their particular handset, so *if* they can and do update they will be patching this issue anyway.

Linux has 2 advantages here...

1, you have the source code so anyone can provide patches, not just the original vendor. If your shipping out thousands of ATMs you can even afford to employ a few developers yourself.
2, linux is far more modular so you can remove all the crap you don't require - if its not present it doesn't need to be patched.
3, linux has lots of distros to choose from, with varying levels of support.. some of the embedded ones are actively supported for a long time

Why would the banks have to do it? Banks don't build their own ATMs, they buy ready made ones and slap a bit of branding on top...
For the manufacturers of ATMs, the burden of supporting a cut down ATM-specific linux distro is rather minimal compared to the support they have to provide for the hardware and their own application anyway. If you stripped down a linux system to the bare essentials necessary to run an ATM, you'd not have a lot of code running there so there wouldn't be a huge number of patches you'd need to backport anyway. Plus there are other organisations in other markets in the same boat with whom you could share resources.

Have you not looked in access logs or firewall logs? chances are whoever is exploiting this is also actively scanning for it...

What happens if MS goes tits up? Where do you get your compatible OS from?

Having multiple suppliers for something important makes sense, but running single vendor software completely destroys that benefit.

Not only support it themselves, but if they strip the system down to the bare essentials there will be a lot less that actually needs maintaining... Having a load of unnecessary code on your device is stupid, doubly so if you have to keep patching it.

Most businesses don't think that far ahead, at least when it comes to things which are not their core business...
The idea that they would make their business dependent on software only available from a single vendor is equally staggering.

The exclusivity of the trade secrets was not stolen, neither party has exclusivity anymore...
The exclusivity was destroyed, since no noone has exclusivity.

That's assuming the malware is targeting end user workstations... The malware discussed in this article explicitly targets servers, and linux is far from an obscure platform when it comes to servers.

There are many other reasons than lack of desktop users why there is less malware for linux... Linux users are far less likely to be running with admin privileges, linux users have to take extra steps to execute a random binary, linux users are less likely to want to execute random binaries due to the prevalent use of repositories, linux users are generally more savvy than windows users, linux users are more likely to have updated their applications (again due to repositories)...

Also the idea of "security through obscurity" is usually promoted by proponents of closed source, who somehow think that restricted distribution of the sourcecode will prevent people from finding exploitable holes.