Aug 01

Silent updates: Good, Bad, or Safe?

Comic, Security, Tech with tags: 7 Comments »

Update Paradox

I am in a paradox this morning. I found myself managing a million friggin updates to various software and components.

There were the iPhone Apps (keep hoping that NetNewsWire will get stable :(), and the software updates, and the browser plugin updates, and the list keeps going on.

It is interesting, because at the same time, if I download an application that doesn’t tie into an auto-update framework, I get frustrated. I am maddened as I know that I won’t stay on top of the versions, and I shouldn’t have too!

So, I want all of my software to update, but I don’t want to be bugged all of the time. Hmm. How about silent installs? What if I could say for a set of apps “just keep these puppies up to date and don’t even bug me”. Maybe just a growl “hey, just so you know, I updated NetNewsWire to the latest point release, and if it isn’t working well, you can revert”. Having revert would be cool (but potentially more work).

But wait a minute, what if that happened and suddenly something stopped working, or I just didn’t like the new version? Well, revert can help there, but maybe you could have a setting where silent updates happen only for point releases.

What about security though? This would allow developers to sneak in some code without me even knowing! True. That sounds scary doesn’t it. However, isn’t that bogus? They could just put it in the new release and you would update anyway! I doubt you are cracking open the .exe to look for malicious code :)

The fact is that we rely on trust. We weigh up trust. And, I am willing to trust certain companies and people to do silent installs.

In fact, someone on the Gears team mentioned that they think it is the developers responsibility, and that it has to be taken seriously. What if there is a security breach? If you have the ability to push out a fix in short order, you can minimize the scope. Else, there will always be a serious of people who never upgrade and are taken over. How many 5 year old worms and viruses are out there that still propagate due to your aunt running Windows 98 with no changes to it. Ouch.

So, I am all for a change. Time to allow more silent upgrades. Developers, protect me, and don’t bug me all the time!