Or more specifically, if it’s a controlled IT environment and you rely on centrally vetted and controlled software updates (which makes sense in a lot of contexts), then, well, control them centrally.
As in, either they update on their own, or every weekend the devices stay with IT anyways and get updated.
bassomitron@lemmy.world 9 months ago
To be fair, most of the time those updates are trying to patch security vulnerabilities haha
Like iOS and Android both had a few critical CVEs a few months ago that were a really big deal since the vulnerabilities required no user input.
Anyway, those updates are pretty important more often than not and not just meant to annoy you :)
lvxferre@mander.xyz 9 months ago
More important than what devs “try”, those patches do often address vulnerabilities…
…however, sometimes, shit breaks. It’s perfectly possible that a specific user does not want that patch, for multiple reasons:
Devs have no way to know it. And they shouldn’t code software as if they did.
Furthermore, regardless of what they “mean”, this sort of nagging sends a message to the user, that they shouldn’t be allowed to choose the software of their own machines.
It gets worse! This sort of nagging is not present only for security patches. It’s every bloody where. Including things that clearly do not benefit the user, with data harvesting being just the tip of the iceberg.
bassomitron@lemmy.world 9 months ago
I mostly agree with all of your points, but I think you’re failing to see the forest for the trees. The vast majority of users are ignorant as fuck about their tech. They couldn’t give a shit about anything other than their own convenience. If the devs allowed everyone to opt out if it meant no longer getting annoying messages, a huge majority of them would do exactly that, caring little for what that actually means in the long-term for their own security and others’ (yes, a vulnerable device is a danger to others, it isn’t always only impacting just that user).
So they opt for this collective, utilitarian approach, despite it meaning less user control. If you don’t like it, get an android device and root it. Problem solved.
lvxferre@mander.xyz 9 months ago
[Note for readers: my top comment was rather off-topic, as I focused on development. OP has two additional layers of complexity - IT bureaucracy and corporate environment.]
I don’t think that I’m failing to see the forest for the trees. I think that the key difference is that I’m not willing to give the stupid a pass to cause harm; and because of that I don’t think that devs should go out of their way to protect those [in your words] “ignorant as fuck” users, even if they’re the majority.
Once the devs provided the security patch, informed the user about it, and informed the user about the consequences of not applying that security patch (in clear and layman-friendly words), their job is done. Going past that to ask the user over and over about it, with no way to turn it off, is 1) patronising, 2) assumptive, and 3) belittling.
Exaggerating it a bit, it’s a lot like someone knocking at your door and asking:
Advanced settings, sane defaults, and automatic updates exist for this reason. If the user is so ignorant that they’re unable to realise why they should at least consider to apply the sec patch, they’re also too ignorant to turn automatic updates off.
Again, not the devs’ fault. The user shouldn’t be treated as something unable to be held responsible for the harm that it causes. And when they cause someone harm, they should be blamed.
That backtracks to the OP, with the IT nagging the user to update the software but not allowing them to do so. In those situations, the IT shouldn’t be acting like those shitty devs, who think “if you annoy the user enough it’ll obey you”; they should be asking the user/employee why they’re not updating their software, even if it causes a risk for the company.