by rlpb 414 days ago
> Ubuntu continuously updates itself without permission...

It does default to installing security updates automatically. However, this is completely configurable.

It isn't reasonable to have different default behaviour - otherwise the majority of users would be vulnerable from a security perspective.

If you want different behaviour, just configure it as you wish.

> The Ubuntu packages, drivers and kernel are laughably behind Debian and even further behind mainline.

This just isn't a reasonable description of reality.

Unless you're referring to an Ubuntu LTS, in which case, of course it is: that's the entire point of Ubuntu LTS, and Ubuntu users have the choice of using the six monthly non-LTS releases if they want more up-to-date packages, which Debian users do not have.


> It does default to installing security updates automatically. However, this is completely configurable.

Man, but have you personally tried to disable it?

Did you stop apt-daily.service apt-daily.time apt-daily-upgrade.service and apt-daily.timer? Did you repeat the same but masking and disabling those services? Don't forget to repeat that for unattended-upgrades.service. Even after that, whenever our CI fails an apt-get we have a pstree output to figure out what other dark pattern Canonical came up with.

This whole debacle made me consider RedHat for my next install, and I have used Ubuntu for almost 2 decades. It became unreliable in servers.

Don't get me started on the lack of security updates on "multiverse" packages which starts to include more and more packages and thus LTS means less and less. This is not innocent but so you buy Ubuntu One.

Their answer will be "just make your server robust to restarts bro", not really understanding the fact that some stuff simply cannot be restarted. We have Ubuntu desktop running a robot arm (not our choice of OS, but the manufacturer). Mid-operation snap decides to kill the robot that would otherwise be happy operating away and sending stats to the cloud.

I'm personally moving to Debian. It's 99% how Ubuntu used to be and most Ubuntu stuff is just a .deb that is relatively compatible.

> Man, but have you personally tried to disable it?

Sure. It's just a one line change in the configuration file (/etc/apt/apt.conf.d/50unattended-upgrades). Or, if you're doing a mass deployment, just don't install the unattended-upgrades package.

> figure out what other dark pattern Canonical came up with

The mechanism is inherited from Debian. It isn't Canonical's architecture.

If you want to hack internals to do things in a more complicated way, then that's up to you, but you can't then complain that it's unnecessarily complicated.

> Sure. It's just a one line change in the configuration file (/etc/apt/apt.conf.d/50unattended-upgrades). Or, if you're doing a mass deployment, just don't install the unattended-upgrades package.

That answer shows you have not seen that pattern fail. When that fails or is overwritten by an update, remember my comment.

Ironically you just added another way to configure a simple thing, proving my point.
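
An added illustration, not part of the thread and not apt's own code: the exchange above turns on which fragment in /etc/apt/apt.conf.d has the last word, so this sketch resolves the effective `APT::Periodic::Unattended-Upgrade` value and names the file that set it. The sample file names are constructed, and only the flat `Key "value";` syntax is handled.

```shell
#!/bin/sh
# Added example, not from the thread. Reports which apt.conf.d fragment
# decides a key. Handles only the flat  Key "value";  form (no { } blocks).
LC_ALL=C; export LC_ALL   # byte-wise glob order, so 10... < 20... < 99...

# effective_apt_value DIR KEY -> "VALUE FILE" of the last assignment, or "unset -"
effective_apt_value() {
    result="unset -"
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case $name in            # apt.conf(5): no extension or ".conf" only
            *.conf) ;;
            *.*) continue ;;
        esac
        # Commented-out lines never match: their first field is not the key.
        hit=$(awk -v key="$2" 'tolower($1) == tolower(key) {
                  v = $2; gsub(/[";]/, "", v); last = v }
              END { print last }' "$f")
        if [ -n "$hit" ]; then result="$hit $name"; fi
    done
    printf '%s\n' "$result"
}

# unattended_upgrade_state DIR -> verdict plus the fragment that decided it
unattended_upgrade_state() {
    effective_apt_value "$1" "APT::Periodic::Unattended-Upgrade" | {
        read -r value file
        case $value in
            unset) echo "unset" ;;
            0)     echo "disabled by $file" ;;
            *)     echo "enabled by $file" ;;
        esac
    }
}

# Constructed sample (hypothetical file names): a defaults fragment that enables
# upgrades, a local "0" override named $1, and a stray backup copy apt ignores.
make_sample() {
    d=$(mktemp -d)
    echo 'APT::Periodic::Unattended-Upgrade "1";' > "$d/20sample-defaults"
    echo 'APT::Periodic::Unattended-Upgrade "0";' > "$d/$1"
    echo 'APT::Periodic::Unattended-Upgrade "0";' > "$d/99sample-local.bak"
    echo "$d"
}

for override in 10sample-local 99sample-local; do
    dir=$(make_sample "$override")
    echo "override in $override: $(unattended_upgrade_state "$dir")"
    rm -rf "$dir"
done
```

On a live host, `apt-config dump` prints the merged configuration as apt itself sees it, which is the authoritative check.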

> It isn't reasonable to have different default behaviour - otherwise the majority of users would be vulnerable from a security perspective.

A better default behaviour would be to alert the user and allow them to choose to indefinitely defer by "accepting the risk". Some setups, rightfully or wrongfully, have a very long running time and cannot be restarted.

> If you want different behaviour, just configure it as you wish.

I'm not sure if it changed, but they made it extremely difficult on purpose. You can stop snap from updating, but then lots of other things also break.

> This just isn't a reasonable description of reality.

It's my experience with packages I use.

> A better default behaviour would be to alert the user and allow them to choose to indefinitely defer by "accepting the risk".

That would be terrible UX and is exactly contrary to Ubuntu's philosophy, which is to do the right thing by default.

The alternative is to bombard the user with questions that they're generally not in a position to understand, and force them to receive an education on stuff that doesn't matter to most users before they can use their computer.

> That would be terrible UX and is exactly contrary to Ubuntu's philosophy, which is to do the right thing by default.

Even in Windows (or at least it used to be), the decision to perform an update now was a user decision. Just killing off applications without warning is the worst UX ever. Randomly killing stuff off is the opposite of what I want my OS doing.

> The alternative is to bombard the user with questions that they're generally not in a position to understand, and force them to receive an education on stuff that doesn't matter to most users before they can use their computer.

It doesn't have to be like that. It could be: "Do you want to update now? The following programs are affected and will be restarted: X, Y, Z. [Learn more]" The answers could be "Yes", "Remind me on next boot", "Remind me later" (offers common delays, i.e. 1 hour, 1 day, 1 week).

What it should never do is take the power away from a user. I saw an Ubuntu user's system restart their snap programs in the middle of delivering a conference presentation without warning. That was the worst way that could have been handled.

> I saw an Ubuntu user's system restart their snap programs in the middle of delivering a conference presentation without warning.

It's been years since they added warnings for upcoming snap updates. There's also "refresh awareness", which defers updates (to a limit, with warnings before exceeding the limit) while a user is using an app.