

Automatic Update Hell Must End - techdog
http://asserttrue.blogspot.com/2009/04/automatic-update-hell-must-end.html

======
bdfh42
I too have been running for a good while now without ant-virus software. I
stopped paying the "virus tax" when I realised that my SPAM filters were
(collectively) filtering out all email virus packages - all I have to do now
is refrain from clicking on the "dancing bunnies" when visiting new web sites.

In any case it was my experience from assisting family and friends that anti-
virus software did a pretty poor job in the main - plus there were at least
two occasions when I had to assist in major problems actually caused by anti-
virus software deleting key system files.

------
AndrewDucker
God, what a stupid rant.

Sure, a single point of updates would be nice, but when asking that reboots
not be necessary, or that people just write better software in the first place
he's just making himself look ignorant.

Companies don't put auto-update functionality in for fun - they're there
because there _are_ security issues that need to be patched.

~~~
pbz
I just can't take one seriously if they think that using a firewall will
protect them from security flaws in applications.

~~~
CodeMage
Not in applications, but operating system. Windows Automatic Update becomes
quite unnecessary if you're behind a firewall.

------
ben_straub
Yes, program authors should just get it right the first time. If they hadn't
written those bugs in the first place, there'd be no security exploits!

I understand that the updates are annoying, but _all_ of the alternatives are
worse. Silent updating? I want control. Manual updating? People won't do it.
No updates at all? The botnet lords love this idea.

So the only real solution is to default systems to patch themselves, and
hopefully get the experience right for the confirmation dialog.

------
somabc
If you try a fresh install of XP even on older hardware it is lightning quick.

If you have a PC that is not connected to the Internet and runs the same
software all the time, from a supplier you trust. Then yes automatic updates
and virus checking is a waste of time.

Otherwise if you follow this advice you are asking to join a botnet.

------
generalk
Or, alternatively, switch away from environments where that sort of pestering
behavior is common!

I haven't used Linux in a while, but from what I remember it was rare to have
a program itself tell me there were updates necessary, but the package manager
globally managed those things for me on its own schedule.

The Mac application community has the fantastic Sparkle framework that lets
individual applications poll for updates. This isn't nearly as bad as it
sounds: generally speaking, applications have preferences to opt-out of
automatic updates, and the updates include complete changelogs. It's gotten to
the point where if an application _doesn't_ include Sparkle, I get annoyed.

In short, the posters issues aren't with Automatic Updates, they're with an
environment that doesn't respect users.

------
drinian
It's not unreasonable to say that you can run Windows XP without antivirus,
assuming that you are a competent computer user and keep Windows Update going.
Once you have a virus, you will have to reformat to guarantee a clean system
anyway; antivirus is simply a conceptually wrong solution to the problem (see
also <http://xkcd.com/463/>).

But, on the other hand, why not just use a better operating system? Linux, of
course, but even Vista is going to have better lockdown of administrative
privileges.

One of the things I really couldn't stand about Windows was how every program
had to have its own stupid little updater, with its own rules, taking up
resources and system tray space. This is the worst part of automatic updates
-- somehow most Windows developers are totally incompetent at writing them.

------
boundlessdreamz
1\. Apple updates don't choke my bandwidth and so I let the updates happen.
Reboots are still a pain. So I opt out of updates needing reboot sometimes
(especially for stuff like quicktime)

2\. I notice that firefox has downloaded updates only when I restart/start
firefox. Again no trouble there.

------
erikwiffin
I wonder if the author has had anyone extol the virtues of Ubuntu at him
yet... Not to sound fanboyish, but Ubuntu's package manager (Synaptic) more or
less meets a lot of hit requirements. The best part is that all of the updates
are coming through the same source, so you don't have to hunt down the updater
in every single piece of software you install.

Of course, I say Ubuntu because that's what I know. I would not be the least
bit surprised if other linux distros/mac os had similar package managers.

It seems like even windows could form some kind of agreement with various
software vendors allowing them to push updates through the windows updater.
Opt-in of course.

~~~
graemep
All versions of Linux I know of have a similar package manager. Updates on the
server and some more geeky distros tend to be run on the command line.

Some offer granularity of what types of updates to do (Mint classifies updates
by riskiness to stability) and most offer some method of holding back updates
on some packages (although not in the GUI in the distros I have used).

~~~
fatjonny
Things might be slowly getting better for Windows. Omaha
<http://code.google.com/p/omaha/> was released under an open source license
recently. It will be interesting to see if other projects adopt it, or if it
remains being used by Google products only. Ars Technica had a good summary
about the current state of Omaha. [http://arstechnica.com/open-
source/news/2009/04/google-opens...](http://arstechnica.com/open-
source/news/2009/04/google-opens-source-code-for-software-updater.ars)

------
thumbfinger
No antivirus? I can understand that. But turning off windows auto updates? Way
to get hit with the next Sasser/Blaster/Conficker.

~~~
CodeMage
Not very likely. According to the author, he's behind a well-configured
firewall.

------
edw519
I have my own (much simpler) solution: 2 computers.

One for the internet, one for development.

Guess which one has virus protection?

~~~
pbz
Neither?

------
Tichy
apt

------
thras
I don't run virus protection on my Windows machines, but I am a stickler about
automatic updates.

At work, where I manage a few hundred Windows machines with virus protection
and updates (managed through WSUS), I'm able to see whenever our virus scanner
gets a hit. It's almost always the same users doing the same stupid things.
(They are all running in limited user accounts though, so it's usually only
their own accounts they damage).

Linux machines are generally taken over through ssh key attacks, cgi
vulnerabilities, or social engineering (this happens more than Windows machine
takeovers at my workplace, unfortunately).

