Except, in the state that the exploit is in, it's hard to setup for a "consumer." It's also partially dangerous since the user has to modify their nand (manually, as the exploit is contained in the whitelist which is copyrighted, or potentially an xdelta patch could be used for distributing patches early on).
And (I'm 90% sure I'm wrong about this) if the whitelist ends up corrupted then the DSi might brick. The devs wouldn't want to release a buggy product without rigorous testing to make sure it works properly (see: OTPless A9LH).