Linked by Thom Holwerda on Wed 30th Jul 2008 21:56 UTC, submitted by peskypescado
I have written about if before: updating programs on your computer - if you're not using a Linux distribution, that is - is a total and utter mess. On Windows and Mac OS X, there are roughly four ways of updating applications. The application notifies of new updates, and then downloads them when you click 'yes', the application updates from within the application itself, or the application requires a special update program running in the background. These are all quite annoying, since they interfere with your workflow (as opposed to, say, running "apt-get upgrade" every morning). The fourth method is the official vendor channel, Windows/Microsoft Update in Windows and Software Update in Mac OS X. Paul Ellis argues that to alleviate the mess, Microsoft should open up Microsoft Update for everyone else - and similar arguments are made concerning Apple's Software Update.
Thread beginning with comment 325080
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Client side app only?
by _txf_ on Wed 30th Jul 2008 22:52
in reply to "RE: Client side app only?"
Member since:2008-03-17
You're probably right...But I still think having a centralized blacklist/Whitelist ability is useful for users (who might not entirely trust an app for whatever reason). Also Allowing a user to whitelist an app for updates shifts responsibility from microsoft to the user for maintainance of any given app and makes certification a lot simpler by not making it mandatory
Edited 2008-07-30 22:54 UTC
RE[2]: Client side app only?
by lemur2 on Thu 31st Jul 2008 12:30
in reply to "RE: Client side app only?"
Member since:2007-02-17
I don't know how much of a concern malware should be, because if you have malware running on your system already they can do whatever they want. They can make it install new software or even update existing software already.
This really is no different than adding additional repositories in Linux.
This really is no different than adding additional repositories in Linux.
There is a slight difference. It has been revealed that "updates to Windows update" can be made to install automatically on a Windows machine regardless of the settings of that machine. Such an update does not "ask permission" ... it just downloads & installs.
This amounts to "push technology" ... this is also known as a "back door".
http://en.wikipedia.org/wiki/Backdoor_(computing)
Once you have a mechanism to allow automatic "updates to Windows update" to be installed & run on a Windows system without the machine owners knowledge or consent, then of course that further provides a mechanism to install anything at all on a Windows system without the machine owners knowledge or consent. (All you have to do is update Windows update, make the updated Windows update then download & install whatever you want, and finally you can even put Windows update back the way it was and hope that nobody has noticed).
You don't get such a thing on a Linux system. Updates are alerted via a deamon running in the system tray ... but you then have to manually click on the system tray icon, and enter the system root password before even the available updates are shown to you. After that you have to manually confirm again that you want to install the indicated updates.
Anyway ... the fact that Windows update is actually a backdoor means IMO that it is unlikely that Microsoft will allow other third parties to use it.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2008-07-08
I don't know how much of a concern malware should be, because if you have malware running on your system already they can do whatever they want. They can make it install new software or even update existing software already.
This really is no different than adding additional repositories in Linux.