Ask HN: What's the benefit of deferring updates? - mimsee
======
twunde
The primary reason to defer updates is the risk that the updates will break
existing functionality in a way that negatively impacts worker productivity.
This could be bricking a laptop/server/computer, or causing software to stop
working. The risk is particularly high for older software, which might be
using deprecated or unofficial apis, or potentially may no longer be supported
(when a vendor goes out of business there's nobody to call or pay). Many
companies have customized existing software to the extent that they're
incompatible with updates ie they've forked the software. In some cases, like
the air traffic control software [https://www.wired.com/2015/02/air-traffic-
control/](https://www.wired.com/2015/02/air-traffic-control/), to change over
they need to do a full-rewrite, which is very risky and may be missing
functionality or just be buggier than the mature software you're using.

For healthcare, banking and education there are some additional factors. These
are all regulated industries, where all updates have to go through change
management and testing in order to be compliant. In healthcare, updates are
particularly uncommon as devices spend at 6+ months to years undergoing FDA
certification. When a piece of software is updated, that update has to have
gone through the FDA certification process before being applied.

------
probably_wrong
Probably not what you have in mind but, in the case of old computers,
performance.

I know everyone here changes computers every year, but lots of people I know
keep the same computer for 7-10 years. And why wouldn't them? They can read
their email, browse the news, and write letters.

Updates, on the other hand, tend to include the latest and greatest, requiring
more and more resources. As a result, the computer gets slower and slower
without providing any extra functionality. Good luck installing a modern
browser with 512MB of RAM or, God forbid, the latest Windows. Things can also
move around across versions, which is not great for non-technical users (or
even worse, users with some kind do of impairment).

In these situations I disable updates, add some extra protections, and accept
the fact that I'll have to retouch them every year or so.

~~~
mimsee
I understand your point for old hardware but I was mostly meaning in a
company/school/hospital type of environment where there is adequate hardware.
Sorry for not mentioning it before.

~~~
Artlav
Huh?

It tends to be the opposite - government places like schools or hospitals run
on tightly reglamented software and processes, and updating ANYTHING is a
hard, long struggle. You would often find computers running XP or less around
such places.

Hell, i had to setup a bunch of USB floppy drives at a certain auto parts
manufacturer's accounting office because the local tax office's computers
didn't have USB and all the digital tax reports could only be accepted on
floppy disks. Yes, that was this decade, and not early in it either.

It's regular people who tend to buy new stuff all the time, not organizations.

------
ldjb
I'm not too sure in what context you're referring to, but I'll assume you're
asking for reasons why you might want to delay updating software.

One reason might be because of regression, when an update introduces a bug
that causes the software to malfunction despite it previously working. It is
sometimes wise to let other people try out the update first, and then update
if it appears to not be problematic.

Another reason might be because the update intentionally breaks compatibility,
or removes a feature you need. If the new version of the software doesn't meet
your requirements, then you might need to stick to using the older version.
This might just be temporary until newer versions of the software meet your
requirements once again.

You might also need time to assess whether the update compromises the security
of your systems (there have been instances when updates have contained
malware), or complies with legal or business requirements (the terms of the
software licence may have changed).

Despite all of that, however, it is imperative that security updates in
particular are taken very seriously. In most cases, it is a good idea to
install security updates as soon as they become available.

~~~
mimsee
Call be paranoid but I'd rather have a few hypothetical feature-bugs in the
systems than security vulns. Just keep the systems in the stable release.

------
iurisilvio
My reason: I don't live in an IT perfect world. Moving parts that always break
with updates.

I have third party provided configuration in some machines and most of the
Windows updates break these configurations. When it happens, I have to call
these third party and a _non-IT_ person come here to reconfigure things.

These configurations are mostly client certificates that work only with IE8 or
older (!!!). Their websites use ActiveX, Flash or some other buggy tech. I
have the option to maintain my computers working without patches or I update
my Windows and wait 2 days (or more) before they're able to reconfigure my
machines (and this downtime costs a lot).

I try to sandbox these machines in my network, but you know it is not perfect.

