Sure, but I mean the chances of someone creating a virus specifically to run when plugged into a pi running pi OS or other Linux os with the purpose of attacking the eeprom, delivered by dropping usb sticks in public is so ridiculously small it has to be functionally non existent.