[Digital-Citizen]

According to the article, "Apple said the update does not require any user interaction and is deployed automatically.". There's nothing moral about using "silent updates" (updates the user has no opportunity to decide whether to adopt).

Apple certainly wasn't looking out for their users' privacy and security when they let an iTunes bug go unfixed for 3 years (see http://www.telegraph.co.uk/technology/apple/8912714/Apple-iT... for more). That bug was said to allowed government spying. Apple's iPhone back door lets Apple delete a user's apps (per http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-co...) but Steve Jobs said it was okay because we can trust Apple ("Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull."). Back doors aren't moral, they exist to grant another party over the device the user bought and should own.

The root of all of this is the power of proprietary software (software the user can't inspect, share, or modify, and in some particularly restrictive cases can't always run). Proprietary software is unjust power over the user. There's nothing moral about proprietary software.

[jakobegger]

Requiring user confirmation for updating malware signatures would make them a lot less effective.

And in any case, there is a checkbox in the software update preferences labelled "Install system data files and security updates" which presumably allows you to opt out of these critical security updates.

And if you really wanted to have the zoom backdoor server run on your system, you could probably just strip the code signature and run it manually. Apple isn't stopping you from running whatever software you want on the Mac. Apple is helping all those users that don't follow Hacker News to keep their Mac safe.

[pbhjpbhj]

>Requiring user confirmation for updating malware signatures would make them a lot less effective.

That seems highly unlikely to me. Do you have evidence to support that assertion.

On first use "Do you want us to automatically remove apps we think might damage your system: Y/n."

Don't users need a notification, at least, to inform their choices when installing software.

I guess Apple Computers would rather you just mindlessly relied on them, however, so anything that lets users know that Apple's system exposed them from risk is going to be avoided.

[jakobegger]

> Do you have evidence to support that assertion.

Every relative who never installs updates. I ask them why they are on an old version with major security holes that were on the news, but they just don't care. They always click "later".

[jki275]

You can turn it off if you don't like it. If one doesn't know enough to turn it off, one probably shouldn't be turning it off.

[matkoniecz]

> There's nothing moral about using "silent updates"

Sorry, but this is absurd. Automatic security updates are necessity. And no user read through all changelogs of all updated software (except extremely critical systems).

Maybe you wanted to argue for ability to downgrade and disable updates?

[Digital-Citizen]

There's no call to write in such patronizing ways.

It should be up to the user to decide whether to take on updates, regardless of what you think because that's their computer and not yours and you each deserve control over the computers you own. Just as freedom of speech means sometimes people will say things you disagree with, free software computers means not everyone will keep up with the updates. But not offering software freedom is unethical and neither Zoom nor Apple are distributing software freedom. Apple has a clear record of using the power of a proprietor to expose their users to harm (more examples at https://www.gnu.org/proprietary/malware-apple.html ) and this story is an example of how Zoom apparently does as well.

What you and other posters are tellingly refusing to address is the immorality of software nonfreedom. As I wrote before, this is the core of the issue.

[mrmanner]

> It should be up to the user to decide whether to take on updates, regardless of what you think because that's their computer and not yours and you each deserve control over the computers you own.

Which is why the user can CHOOSE to have automatic updates. Or not to. The default when buying a new Mac is that automatic updates are enabled, because that’s the product Apple wants to sell and that they believe most of their users want to buy. It’s secure, it’s practical, it’s fun.

If you want to be your own IT department you simply deactivate all or some automatic updates. If you want a secure computer and trust Apple you leave it on.

I don’t see how this is a big moral question at all. Let people organize their computing needs in a way that’s safe and practical for them, not in the way that’s safe and practical for you.

[GeekyBear]

>There's nothing moral about using "silent updates" (updates the user has no opportunity to decide whether to adopt).

There's nothing accurate about this description.

The user can turn off all update checking, or use the granular permissions to just turn off silent security updates.

>To allow macOS to update automatically, go to System Preferences > Software Update, then check Automatically keep my Mac up to date. The Mac offers some more granular update options than iOS. If you click Advanced…, you see a number of options:

https://www.intego.com/mac-security-blog/everything-you-need...

If you only want to turn off silent security updates, the option to uncheck is "Install system data files and security updates".

[6nf]

Every browser and most other important software now does auto-updates with no user interaction. ESPECIALLY for security issues.