Welcome to the "assisted" Internet experience!
So, could be a bit more critical about the quality and quantity of "insecure devices"? It isn't that large populations of not-so-well reputed OSes being abused for "something" were a new phenomenon. Admitted, numbers were smaller those days, but so was the infrastructure. Not neglecting the issue, but sceptical of knee-jerk policy making and too loud calls for regulations that remind me of the constrained (from the customers perspective) telco networks of 30+ years ago. Late victories ...
The point I was heading to is that there probably is a correlation between the number of firewalls and network wide access lists dropping port 137-139 and the reputation of those OSes :) Many did take the approach of “soft guidance” into safety. And more recently in discussions surrounding IPv6 CPE, I also observe many operators going for the “safe” option and default to dropping inbound connections, despite restoring end-to-end being potentially the key feature of IPv6. Afraid we might have accidentally rewritten the law, probably already a few years ago and most of today’s internet operates under: "Be liberal in what you do, be conservative in what you accept from others”. Marco