Another quick one tonight so I can correct the old body clock.
Software these days usually includes some sort of automatic update functionality. The vast majority have some an update process that makes itself known to the user upon launch (either to check for updates or to install updates). Otherwise, software may update itself silently without the end user knowing that anything has happened (of which Google Chrome is a prime example).
Of course, in the case of silent updates, we may not necessarily know that we are using silently updating software unless:
- we either are explicitly aware of the fact when we first installed the software, or
- the software makes some unexpected noise during an update (i.e. an update failed or crashed)
Silent updates seem fairly innocent enough, right?
One could theorise that without a nag screen asking a user to authorise an update that you may see a higher percentage of users keeping up to date. This is certainly a positive from the point of view of keeping software patched against newly discovered exploits with minimal fuss and confusion for the user. On the flip side, this can present a downside in that new flaws can be introduced without the user’s knowledge nor can a user have then opportunity to refuse an update. This could potentially lead to a situation where computers are exploited using a “zero day” vulnerability (i.e. a flaw that has been discovered and is being actively used to compromise computers).
So there is a trade off between convenience, simplicity and security when it comes to software updates. Silent updates (should you become aware of them) are no reason to let your guard down or lull you into a false sense of security.
Follow Us!