Fun fact: due to the way CakeHax/CakeBrah works, there's absolutely zero difference between an A9LH payload and an mset/*hax payload. They're exactly the same, bit by bit, their only difference is the executing environment. Abandoning the old entrypoints would do nothing other than remove the CakeHax submodule and a few lines in the Makefile.
It's not like the old entrypoints are limiting CFWs in any way...
Not really. I'm not entirely sure on other regions (EUR, JPN, etc.) but on USA they're perfectly able to rewrite any part of the NAND as they see fit without user consent (they'd get your consent when you agree to the System Update).
And btw if they do anything similar to what I've described there's no way they'd brick unhacked systems. Absolutely zero chance.
Then again, their check would be patched out pretty quickly by devs over here... unless they added time checks in in order to have it kick in when special conditions are met (for example, date/time).
Ironically enough, the safest users would be the ones running the old entrypoints
Then again, this is all hypothetical...