A problem is that once a thing like that exists, it ends up on security audit checklists and then people do it without knowing whether they have any reason to.