this post was submitted on 29 Mar 2024
198 points (100.0% liked)

Technology

37720 readers
531 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Edit: Guys I didn't write the headline; the subtitle that I added, I've now fixed tho

Edit: Also, the information about there being no escape is out of date -- here's a quick guide to how to fix the problem in the modern day

you are viewing a single comment's thread
view the rest of the comments
[–] pearsaltchocolatebar 50 points 7 months ago (6 children)

Forced updates are a good thing for most people, though. The general population doesn't know or care about infosec, so they'll put off updates for months or years.

[–] UmbraTemporis@lemmy.dbzer0.com 11 points 7 months ago (2 children)

No.

A notification, in the tray and elsewhere across the OS, with a short description like "Updates are crucial to the security of you and your device, they also provide the freshest experience." would get the point across. What would be even better is if there was a one-click NQA button to initiate the update, perhaps even included on the notification.

[–] pearsaltchocolatebar 20 points 7 months ago

Those notifications have existed for years. People don't give a shit.

All you have to do is restart your computer every so often and nothing will be forced.

[–] hitmyspot@aussie.zone 10 points 7 months ago (1 children)

The problem is Microsoft have abused it. Now they claim an update is for security, but instead it just reverts settings to promote their other products.

[–] UmbraTemporis@lemmy.dbzer0.com 2 points 7 months ago (1 children)

In Windows' case, this is the truth. But certified corporation momentos are not a required side-effect of this approach to updates.

[–] hitmyspot@aussie.zone 1 points 7 months ago

Yes, but trust is required of users are not going to boot out. If it's not opt out, that's a risk in intself.

[–] kent_eh@lemmy.ca 6 points 7 months ago (1 children)

Updates forced at inconvenient (or inapropriate) times aren't a good thing though.

Don't interrupt my work right bloody now.

You can update later when I'm done doing what I'm in the middle of.

[–] pearsaltchocolatebar 5 points 7 months ago

The forced updates are usually after the system has bugged the shit out of you to update for a week or two.

Plus, you can easily disable it.

[–] derbis@beehaw.org 4 points 7 months ago (1 children)

Let's have the authorities force us to eat salad and exercise while we're at it, it's better for us

[–] Dark_Arc@social.packetloss.gg 24 points 7 months ago* (last edited 7 months ago) (1 children)

Oh Christ, that's not the same thing and you know it.

[–] derbis@beehaw.org 4 points 7 months ago (1 children)

Meh. You're not just talking about just making it automatic or easy or recommended, but actually forcing everyone to have to go along with it and taking away the option to not do it.

[–] Dark_Arc@social.packetloss.gg 13 points 7 months ago (1 children)

You 100% should have to keep your systems up to date. It's a danger to yourself and everyone else when you don't.

[–] derbis@beehaw.org 3 points 7 months ago (2 children)

Even at the risk of Microsoft adding more spyware to my machine, reinstalling apps I deliberately uninstalled, reverting privacy settings I set, strongarming me into using their browser, etc? All of which has been reported.

My hardware, my choice.

[–] Dark_Arc@social.packetloss.gg 11 points 7 months ago* (last edited 7 months ago) (1 children)

If you want to phrase it as a "personal responsibility" thing, then you should frankly be criminally liable if your system is used for a DDOS attack.

[–] derbis@beehaw.org 5 points 7 months ago* (last edited 7 months ago) (1 children)

Lol.

As long as security updates are bundled with antifeature updates, this amounts to "install candy crush or go to jail!"

[–] Dark_Arc@social.packetloss.gg 8 points 7 months ago (1 children)

You think it's funny for your system to take part in an attack potentially costing billions of dollars in damages because you can't be bothered to switch off of Windows because "you don't like what Microsoft installs with their security updates" or "actually install security updates"?

[–] derbis@beehaw.org 1 points 7 months ago

I'm not sure I follow the last "or" clause, but you can bring the criminal liability to Microsoft if you think it should attach for this reason

[–] termus@beehaw.org 3 points 7 months ago (1 children)

Sounds like Microsoft is the problem here. Their antics finally got me to switch to Linux with Copilot.

Just curious, are you unvaccinated too?

[–] derbis@beehaw.org 1 points 7 months ago

No. How about you, are you anti-abortion?

[–] ptz@dubvee.org 2 points 7 months ago (1 children)
[–] teawrecks@sopuli.xyz 6 points 7 months ago (1 children)

Which part exactly are you disagreeing with? Do you think that we should force people to never be allowed to run an OS that enforces a strict update regimen? Because I think you probably actually think that the user should be allowed to choose how they update; whether that be mandatory and automatic, or manual and optional. The reality is, the vast majority of people will opt for the former, and I think we both agree that they should be allowed that choice.

The real issue is transparency: what is being installed and executed, why, and is any data being collected. As long as all that can be audited at will, I don't see any issue with the existence of an OS that insists on being updated for the people who want that.

[–] ptz@dubvee.org 6 points 7 months ago (1 children)

I don't see any issue with the existence of an OS that insists on being updated for the people who want that.

Emphases mine, obviously. No OS (nor its vendor) should insist how I use it or force anything on me, the owner / administrator. If it wants to make an opt-in option to make certain things automatic for the lazy / technically-challenged, sure, whatever, but don't make it mandatory or convoluted to opt out (if opt-in is a dealbreaker)

I don't want my OS to treat me like an idiot, a child, a product to be data mined, a mark to sell stuff to, etc. Just handle I/O, render what I tell it, do what I tell it, and don't take liberties or suggest things to me.

[–] teawrecks@sopuli.xyz 2 points 7 months ago (1 children)

Yeah, I don't think you're disagreeing with my point. I get it, you aren't the person who wants to be treated like an idiot when it comes to your computer, but the vast majority of computer users do.

There are many things in your life that you rely on on a daily basis that you never think about the internals of. Maybe your electrical system, your washer and dryer, your car, the roof over your head, the mail system, or the kitchen at a restaurant. All of these things are black boxes that get you what you want without you having to ever think about how it works. Because you don't want manual control over every single thing in your life you interact with, no one has time for that, you couldn't function in modern society.

Your computer is an exception that you have arbitrarily chosen to have intimate control over, but most other people don't. In their perfect world, they don't even know they're using a computer, it's just a magical box that gets them what they want.

[–] ptz@dubvee.org 1 points 7 months ago (2 children)

Respectfully, I am disagreeing with your point.

To be quite blunt about it, I'm tired of everything constantly being dumbed down to accommodate the lowest common denominator, intellectually non-curious "everyman". Every once in a while, people should be expected to reach up, just a little. Otherwise, it's a race to the bottom.

Just because I'm expecting people to reach up doesn't mean no one will be there to help.

[–] teawrecks@sopuli.xyz 2 points 7 months ago

Ok, so it sounds like you are in fact arguing that people shouldn't be allowed to run a system that forces updates. And yeah, I think we will have to agree to disagree. I believe people should be free to run whatever they want on their own devices, regardless of my personal beliefs.

Remember, we're not talking about a system that spies on you without telling you, or recommends things to you without you wanting it to, we're specifically talking about a system that says "either let me update myself, or I will stop functioning". And I think that's perfectly reasonable system for a person to want and have.

[–] pearsaltchocolatebar 1 points 7 months ago

Most people have absolutely no need to understand how the systems they use operate under the hood.

If anyone does care to "reach up", it's not hard to find the steps to disable it on Google. But 99.9% of people aren't going to do that.

[–] Zworf@beehaw.org 1 points 7 months ago (1 children)

That's their problem though. If they wanna get hacked, go for it.

But there should be a way to turn it off for us power users at least (without having to build a whole domain controller)

[–] pearsaltchocolatebar 1 points 7 months ago (1 children)

The problem is when those systems become part of a botnet.

Plus, you can just disable the update service if you want to leave your computer vulnerable to attacks.

[–] i_am_not_a_robot@discuss.tchncs.de 1 points 7 months ago (1 children)
[–] pearsaltchocolatebar 1 points 7 months ago

Except it is; you can add a batch script in your startup folder to disable it on startup. You could also just add the registry key that disables it.

If you're actually a power user, disabling updates isn't an issue.