This is not an improvement. I do not like it when my computer changes itself without asking.
- Does no one question this anymore?
- Why should we blindly accept every single update unquestioningly?
- Why should we be forced to deal with the problems they introduce after the fact?
- Why will no one contemplate that constant automatic updates are an attack vector unto themselves?
The more you force your feedlot of end-user livestock to tolerate potentially disruptive updates, the more they will grow accustomed to not being in control of their own machines, and the less likely they will be to notice a real problem as a signal amidst all the noise. Honestly, why even bother pretending to have control of our machines anymore.
When people ask me for help now, my eyes glaze over, and I am often forced to respond "I don't know what the fuck that thing is doing. It clearly has a mind of it's own."
This, my friends, is an affront to the very sensibility of the control an "open source" project, should ostensibly extend to it's community and user base. And spare me your bullshit about "Oh, hay guyz, you can just go on GIT or SVN and look at the code yourself!"
It's time-consuming, technical, and inaccessible to normal people, never mind the complications of different platforms, and the shifting sands of dependencies, commits and continuous integration.
Yes, automatic updates can be technically risky. The worst-case scenario is a buggy automatic update that breaks the updating mechanism itself so you can't recover. This has happened to companies the size of McAfee and Skype. But of course users also hate automatic updates that disrupt their experience, changing around the UI or enforcing a new registration scheme or breaking some piece of compatibility or just generally bloating the program.
But what's the lesser evil? The risk associated with automatic updates, or the headaches associated with many versions of software existing in the wild and security problems in them going unpatched? The software industry seems to be discovering that automatic updates are better off for the bulk of users in the bulk of situations.
Just as one example, what if IE6 silently updated itself to IE7 then IE8? The web might be years ahead of where it is now if we'd gotten off supporting that buggy dinosaur in 2007 instead of 2011.
What’s time-consuming, technical and inaccessible to normal people is updating their software. No-one in my family bothers apart from the people who actually work in the software industry. This isn’t necessarily a problem when it comes to features (apart from version fragmentation) but it’s a nightmare when it comes to security. The more silent and automatic security updates the better for them.
I disagree. There is a difference between not knowing what to do, or how to do it, versus simply not doing it out of laziness or negligence or an unwillingness to take on the responsibilities implicit in owning your own device.
The learning curve for keeping software up-to-date is not particularly steep.
You can disagree all you want, objective reality does not care.
> There is a difference between [stuff]
When the end result is that the vast majority of your users don't update their software, there isn't.
> The learning curve for keeping software up-to-date is not particularly steep.
Which is irrelevant, the vast majority does not care, has no incentive to care and can't be arsed to care. You won't make them care by caring more yourself they do not want to know about such technical details.
The Mozilla team did not build mandatory auto-update because they found it fun, they did it because people don't update their software and scary popups are just that: scary popups.
Of course it's an improvement. You know what I used to do when new versions of my browser came out? Update manually. Now to get the same result I do nothing. You know what my parents used to when new versions of the browser came out? Nothing. Which after a few years can be a problem.
If you don't want the computer saving you work then (1) IMHO you're not really getting the point of having one, (2) you can configure Firefox to not update silently.
I think some of you may have misinterpreted the "It's time-consuming, technical, and inaccessible" bit. Sorry, but I should have been a little bit clearer about precisely WHAT is time-consuming, technical, and inaccessible.
Browsing and understanding the source (and even the release notes, and bug trackers) of open source projects is frequently time-consuming, technical, and inaccessible. Particularly when it's ensconced solely in a GIT or SVN repo, with no user-friendly web front-end, and is only accessible via a command line.
I disagree with "robin_reala".
Updating software at your leisure, ON YOUR OWN SCHEDULE AND NOT SOMEONE ELSE's, by downloading installers, patches and packages is often a pretty reasonable task. Especially when it's a browser like Firefox or Chrome. It's also better to have redistributable offline copies of installed software and updates that you can retain as backups (uninfected backups, of course), in the event that network connectivity is unavailable, or because the network was essentially the source of the infection in the first place.
Yeah, yeah, yeah... good security practices dictate that we are ALWAYS on someone else's schedule. Live in fear. Okay, yeah, that's great, I get it, we all get it.
Hello- Mozilla employee here, though not a Firefox developer. The good news is it's easy to change how we apply updates from completely silent to "download and choose" to "only check when I tell you". The bad news is, unlike many situations of security theater, we frequently ship security updates due to known existing and actively exploited security vulnerabilities. Staying up to date is the easiest and most practical way of keeping your browser secure. If you want the security updates but find the frequent feature changes jarring, we offer our Extended Support Releases here: http://www.mozilla.org/en-US/firefox/organizations/all.html. I hope you'll adjust your update settings to something that works well for you- we really are trying to keep users in control.
You're in the massive, massive, massively minor minority. People like you have plenty of options for suppressing auto-updates and updating on your own schedule. You can deal with the effects of doing so. Most people can't. I'm having a hard time believing that you're advocating what you are in honest good faith.
This is not an improvement. I do not like it when my computer changes itself without asking.
- Does no one question this anymore? - Why should we blindly accept every single update unquestioningly? - Why should we be forced to deal with the problems they introduce after the fact? - Why will no one contemplate that constant automatic updates are an attack vector unto themselves?
The more you force your feedlot of end-user livestock to tolerate potentially disruptive updates, the more they will grow accustomed to not being in control of their own machines, and the less likely they will be to notice a real problem as a signal amidst all the noise. Honestly, why even bother pretending to have control of our machines anymore.
When people ask me for help now, my eyes glaze over, and I am often forced to respond "I don't know what the fuck that thing is doing. It clearly has a mind of it's own."
This, my friends, is an affront to the very sensibility of the control an "open source" project, should ostensibly extend to it's community and user base. And spare me your bullshit about "Oh, hay guyz, you can just go on GIT or SVN and look at the code yourself!"
It's time-consuming, technical, and inaccessible to normal people, never mind the complications of different platforms, and the shifting sands of dependencies, commits and continuous integration.
YOU KIDS STAY OFF MY LAWN!
/rant