|
|
|
|
|
|
by a1369209993
1487 days ago
|
|
|
> Even if updates are opt-in, 99.9% of users are just going to click through and update. That's still automatic updates. A non-automatic update occurs when the user takes some unprompted action such as clicking Help > Check for updates, which by design mostly only happens when the application's current behaviour is unsatisfactory. > from a 'logicless' third party CDN like S3 or Github Those aren't logicless, you just haven't caught them using nontrivial logic. (Or you have and conveniently forgot about it - I recall hearing that Github returned different results to queries from Iranian IP addresses at some point - those were error messages, but could as easily have been state-supplied backdoored versions of the requested software.) |
|
|
I see what you're getting at, but the vast majority of users don't define "automatic updates" in that way. Automatic updates (to almost everyone) means an update that requires no user interaction or approval. If you have to click a button, it's not automatic. The user could, if they wanted to, download the latest version and examine it, check the diffs on Github if the project is open source, etc. before updating.
What you're referring to I guess could be called an 'unprompted update'. But in practice, it's important for users to be aware of updates that include bug fixes, even if they haven't hit those bugs yet, so I don't think this is really desirable behavior.
"Those aren't logicless"
They're not logicless for the service providers (AWS and Github) but are logicless from the perspective of the software provider. Up to the point that you trust AWS or Github, you can trust that a link to a static Github/S3 file will serve the same file to every user, and the software provider can't change that.