[kainite311]

Maybe I am misunderstanding, or just not seeing the rule. My Google foo has not seemed to answer the question definitively.

For this example assume a Willpower of 3 on the character, and a rating 6 commlink (use the basic core commlink that has same stats for all - Device rating/data processing/firewall).

Unattended devices use their device rating as their stats - therefor the commlink laying on the ground resists with 12 dice (6 device rating + 6 firewall). However that same link being used by the above example person now only rolls 9 dice for defense (3 Willpower + 6 Firewall). Is this correct? Am I missing a rule somewhere that says you can use the higher of the 2?

I have seen some people justify this as the person owning the link has messed with its settings. This only makes sense if they are DUMB enough to do that. It makes no sense if I just bought it and used the default settings out of the box (nor does it explain if I leave it unattended, it goes back to normal).

 

[Stainless Steel Devil Rat]

I logically can't prove a negative but I'm comfortably sure there's no rule saying you get to ignore WIL if your commlink's DR is higher than your WIL.

Keep in mind that even while the average stat for willpower is 3, the average stat for commlinks isn't 6.  Most (non-shadow community) people use a rating 1-3 commlink, which makes it a relatively moot point anyway for pedestrian NPCs.

I'll address a couple issues in the OP specifically:

"In use vs not in use": A device 'laying on the ground' could still be in active use by a character. What with AROs and AR interaction gloves/glasses/etc being omnipresent, you can use your commlink without ever directly touching it.  Most people probably do just leave it "unattended" in a pocket or perhaps even on a nearby table top.

Why does a commlink get easier to hack when in use by a person with not-awesome WIL: Because hackers get you to click on stuff. "Click here for an amazing deal on penile cybernetic enhancements" and "Click here for the most amazing celebrity augmentation fails!" and "You won't believe what ever happened to Maria Mercurial! Click here to find out!".  A device won't fall for that drek if it doesn't have a dumb user

[kainite311]

Why does a commlink get easier to hack when in use by a person with not-awesome WIL: Because hackers get you to click on stuff. "Click here for an amazing deal on penile cybernetic enhancements" and "Click here for the most amazing celebrity augmentation fails!" and "You won't believe what ever happened to Maria Mercurial! Click here to find out!".  A device won't fall for that drek if it doesn't have a dumb user

Yeah, I have seen that argument, but it doesn't hold up under fire. In a shoot out, I doubt someone is going to take the time to click on spam bait. however, if your saying it happened prior (2 days ago when you were 'researching' or daily browsing), then maybe. So that would imply that it would be bound to that, even when you set it on the nightstand at bedtime, which opens up another can of worms in the "in use/not use" debacle.

Another monkey wrench is the whole "only used it for hooking up my devices for protection, and never used it again", i.e. - I use a different device to search, hack, call, ect... Which then can cannonball into, I had the decker hook it all up for me and do the settings and now use his Willpower (or insert highest willpower character of the group) and I have not used it for anything since...

I agree the logic makes a certain sense, you messed with settings and are dumber then the device and therefor lowered its protection. But it fails after another certain logic of let someone smarter set it up then and never use that device, use a separate device for everything BUT protection.

[Stainless Steel Devil Rat]

On the flipside: during a shootout a low-WIL character is likely to just ignore or dismiss warnings his commlink is trying to give him and focus on the life-and-death details of combat instead.

Ultimately it just is what it is: for matrix defense tests you use only use DR (or HR) when the cited attribute isn't available.  Explanations of why can always be argued about, but those explanations are just fluff.

edit: This quote is relevant:

When a defense test calls for a Mental attribute,
use the owner’s rating. Even if she isn’t currently defending
or even interacting with the device, her previous
interactions and settings affect the defense test. If
a device is completely unattended, the Device Rating
stands in for any Mental attributes an icon needs but
doesn’t have. For example, a device that an owner sets
and forgets, like a door lock, uses its Device Rating in
place of Intuition as part of the defense pool against a
Control Device action.