After installing Debian, I was reading through the Securing Debian Manual [1], and I found a warning to not connect to the internet during installation [2]. This surprised me, because this seems to be the default way of installing Debian, and in fact there are many stories of people getting broken/unusable installations when installing without internet access. Moreover, the installer asked for an internet connection early on in the process with no clear option to opt out (but maybe I missed it), and neither the Debian Installation Guide [3] nor the installer mentioned anything about this being insecure.

So my question is: when installing Debian stable (Bullseye) to a laptop in 2022, is it dangerous to connect to the internet during installation? What are the specific risks? For instance, the Securing Debian Manual [2] says:

Since the system will install and activate services immediately, if the system is connected to the Internet and the services are not properly configured you are opening it to attack.

Which services are meant here? Does this only apply to server installs (which might be running a web server, SSH, etc.), or does this also affect desktop users?

References:
[1]: Securing Debian Manual. https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html
[2]: Securing Debian Manual, Section 3.3: Do not plug to the Internet until ready. https://www.debian.org/doc/manuals/securing-debian-manual/ch03s03.en.html
[3]: Debian Installation Guide. https://www.debian.org/releases/stable/installmanual

After installing Debian, I was reading through the Securing Debian Manual, and I found a warning to not connect to the internet during installation. This surprised me, because this seems to be the default way of installing Debian, and in fact there are many stories of people getting broken/unusable installations when installing without internet access. Moreover, the installer asked for an internet connection early on in the process with no clear option to opt out (but maybe I missed it), and neither the Debian Installation Guide nor the installer mentioned anything about this being insecure.

So my question is: when installing Debian stable (Bullseye) to a laptop in 2022, is it dangerous to connect to the internet during installation? What are the specific risks? For instance, the Securing Debian Manual says in Section 3.3: Do not plug to the Internet until ready:

Since the system will install and activate services immediately, if the system is connected to the Internet and the services are not properly configured you are opening it to attack.

Which services are meant here? Does this only apply to server installs (which might be running a web server, SSH, etc.), or does this also affect desktop users?

After installing Debian, I was reading through the Securing Debian Manual [1], and I found a warning to not connect to the internet during installation [2]. This surprised me, because this seems to be the default way of installing Debian, and in fact there are many stories of people getting broken/unusable installations when installing without internet access. Moreover, the installer asked for an internet connection early on in the process with no clear option to opt out (but maybe I missed it), and neither the Debian Installation Guide [3] nor the installer mentioned anything about this being insecure.

So my question is: when installing Debian stable (Bullseye) to a laptop in 2022, is it dangerous to connect to the internet during installation? What are the specific risks? For instance, the Securing Debian Manual [2] says:

Since the system will install and activate services immediately, if the system is connected to the Internet and the services are not properly configured you are opening it to attack.

Which services are meant here? Does this only apply to server installs (which might be running a web server, SSH, etc.), or does this also affect desktop users?

References:
[1]: Securing Debian Manual. https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html
[2]: Section 3.3: Do not plug to the Internet until ready. https://www.debian.org/doc/manuals/securing-debian-manual/ch03s03.en.html
[3]: Debian Installation Guide. https://www.debian.org/releases/stable/installmanual

After installing Debian, I was reading through the Securing Debian Manual [1], and I found a warning to not connect to the internet during installation [2]. This surprised me, because this seems to be the default way of installing Debian, and in fact there are many stories of people getting broken/unusable installations when installing without internet access. Moreover, the installer asked for an internet connection early on in the process with no clear option to opt out (but maybe I missed it), and neither the Debian Installation Guide [3] nor the installer mentioned anything about this being insecure.

So my question is: when installing Debian stable (Bullseye) to a laptop in 2022, is it dangerous to connect to the internet during installation? What are the specific risks? For instance, the Securing Debian Manual [2] says:

Since the system will install and activate services immediately, if the system is connected to the Internet and the services are not properly configured you are opening it to attack.

Which services are meant here? Does this only apply to server installs (which might be running a web server, SSH, etc.), or does this also affect desktop users?

References:
[1]: Securing Debian Manual. https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html
[2]: Securing Debian Manual, Section 3.3: Do not plug to the Internet until ready. https://www.debian.org/doc/manuals/securing-debian-manual/ch03s03.en.html
[3]: Debian Installation Guide. https://www.debian.org/releases/stable/installmanual