There’s always one thread where we are discussing how everything needs to auto-update for security/stability forever, and another thread (currently crowdstrike) where that approach has caused the problem we wanted to avoid. Would be nice to see more discussion of this basic tension in the abstract since $current_issue is often just a distraction.
Auto updates also have a reputation for harming the user at least as often as helping (removing features, adding ads, whatever) and so trust in that is declining while the need for decent security (smart cars/homes) is increasing. Not sure what to conclude from this except that we need more focus on secure-by-design systems and maybe immutability guarantees rather than autoupdates, app stores, and plugin/extension frameworks but these things are sometimes impractical fundamentally and sometimes just inconvenient for surveillance capitalism.
Sure, but again the specifics are a distraction. The problem with pushing any release onto users who have no ability to opt out is that those users never have any guarantee that vendors tested things, or that the vendor is even hoping to help rather than hurt users.
it’s pretty safe to assume that most companies spend money trying to make money, which usually involves exfiltrating my data, turning off things I need but they don’t want to support, general rent seeking, ads injection.
Trusting any small manufacturer of anything to spend time/money on fixing problems with security or quality control is a hilariously naive idea these days, when crowdstrike and Boeing are showing that even big companies don’t care. We all know the security update is enhanced spyware, planned obsolescence / a slow push to force me to buy a new device, or something else that’s going to make things worse.
Auto updates also have a reputation for harming the user at least as often as helping (removing features, adding ads, whatever) and so trust in that is declining while the need for decent security (smart cars/homes) is increasing. Not sure what to conclude from this except that we need more focus on secure-by-design systems and maybe immutability guarantees rather than autoupdates, app stores, and plugin/extension frameworks but these things are sometimes impractical fundamentally and sometimes just inconvenient for surveillance capitalism.