I’ve had IT bug me about this at my company for the past several updates. For some reason their software never picks up that I’ve updated my machine, maybe because I literally do it only hours after the update has come out. Every single time I’m like “I’ve been on that version since the day it released. They then do something on their side and are like “oh it’s showing up as up to date now, thank you”… smh
IT nags me everyday to update iOS, but they didn't approve the update...
Submitted 8 months ago by Wispy2891@lemmy.world to mildlyinfuriating@lemmy.world
https://lemmy.world/pictrs/image/c8afb6ca-648d-4db4-b28a-bb67d6ca914b.jpeg
Comments
tyler@programming.dev 8 months ago
Confused_Emus@lemmy.world 8 months ago
Tell them to set up Watchtower on the dinky lil NAS they’re apparently running!
MystikIncarnate@lemmy.ca 8 months ago
As an IT guy, half of the “missing update” garbage we see is because our reporting tools haven’t updated the status of the device since before the update was applied…
I blame developers.
lvxferre@mander.xyz 8 months ago
Software nagging as a whole is mildly annoying for me. If, for whatever reason, I don’t want to follow whatever action it’s “suggesting” me to do, stop me bugging about it!
Also fuck off with the “maybe later”. It’s simply “no”.
bassomitron@lemmy.world 8 months ago
To be fair, most of the time those updates are trying to patch security vulnerabilities haha
Like iOS and Android both had a few critical CVEs a few months ago that were a really big deal since the vulnerabilities required no user input.
Anyway, those updates are pretty important more often than not and not just meant to annoy you :)
lvxferre@mander.xyz 8 months ago
More important than what devs “try”, those patches do often address vulnerabilities…
…however, sometimes, shit breaks. It’s perfectly possible that a specific user does not want that patch, for multiple reasons:
- the patch is botched, the dev fucked up, and the user knows it
- the patch doesn’t even work on the user’s machine on first place
- the patch works fine, but it tanks the performance in an unavoidable way
- the patch introduces some bugs due to interaction with something else
- addressing the security vulnerability kills a feature that is more critical for that user than the security issue
- et cetera.
Devs have no way to know it. And they shouldn’t code software as if they did.
Furthermore, regardless of what they “mean”, this sort of nagging sends a message to the user, that they shouldn’t be allowed to choose the software of their own machines.
It gets worse! This sort of nagging is not present only for security patches. It’s every bloody where. Including things that clearly do not benefit the user, with data harvesting being just the tip of the iceberg.
Carighan@lemmy.world 8 months ago
Or more specifically, if it’s a controlled IT environment and you rely on centrally vetted and controlled software updates (which makes sense in a lot of contexts), then, well, control them centrally.
As in, either they update on their own, or every weekend the devices stay with IT anyways and get updated.
Chozo@fedia.io 8 months ago
I think this is an intentional design choice by Apple, to encourage users to complain to their IT departments and bully them into updating their device fleets. Apple likes it when more devices are on the latest version of their software.
JackGreenEarth@lemm.ee 8 months ago
Is that a flip iPhone or something? What’s up with the aspect ratio?
mean_bean279@lemmy.world 8 months ago
I think they just took two screen shots and put them together but with the one about iOS 17.3.1 being overlayed slightly on the other.
Wispy2891@lemmy.world 8 months ago
i placed the two screenshots side by side using the freeform app 😀
narc0tic_bird@lemm.ee 8 months ago
Two screenshots, should be an iPhone SE 2020 or 2022.
yemmly@lemmy.world 8 months ago
MDM is a scourge upon the earth
mean_bean279@lemmy.world 8 months ago
As opposed to completely unmanaged devices with software and hardware that I have zero idea what exploits are available for it?
If it’s because you’ve had some dumbass BYOD policy then that’s a you problem. I always tell my users to not put company policies on their private devices. On company devices, and especially government, I want my capacity to control my domain better.
HeartyBeast@kbin.social 8 months ago
Exactly.
Also be aware that if you add an Outllook account to iOS, IT may be able to wipe your entire phone.
yemmly@lemmy.world 8 months ago
To clarify: I’m not opposed to the concept of MDM, but the available solutions for implementing it are garbage. The MDM agent is one of the first things a nation state attacker goes after because it’s ubiquitous and usually worse code than the OS itself.
MystikIncarnate@lemmy.ca 8 months ago
While you’re not wrong, and the only thing worse is possibly printers; just like printers, it’s a necessary evil.
It’s bluntly the only way to manage a fleet of devices. It sucks, but it’s required.
FartsWithAnAccent@lemmy.world 8 months ago
Better than nothing
MystikIncarnate@lemmy.ca 8 months ago
As an IT guy, start a ticket.
Those update messages are likely from an automated system, and the updates are probably controlled by a completely independent system that nobody looks at regularly.
By submitting exactly what you did here as a ticket to the IT team, you’re pushing them to check in on those systems and approve updates that haven’t been approved.
Yes, it’s dumb. The updates should be automatically approved. Obviously they’re not, or something has prevented them from approving it.
Personally, as IT, if I get a ticket about this, I’d want to dig into why the update wasn’t approved and make sure future updates get approved without delay; solving both the immediate issue and all related issues in the future. However, if I’m not aware of the issue, I can’t really fix it. From their view, they likely only see a dashboard of all devices and yours (along with others) are probably flagged as needing an update. This is extremely common and probably entirely ignored under normal circumstances. Almost every one of the systems I administrate at work have updates that are pending. Either the system hasn’t been restarted (mainly desktops and servers and such) or, if it’s reliant on a user taking action, I assume the user doesn’t care enough about the update to bother running it… The idea that the update hasn’t been approved or that there’s a problem getting or applying the update, doesn’t even enter my brain as a possibility until someone complains. Simply put, I don’t have time to investigate every pending update that has not yet been applied. You’d almost need a dedicated person just to keep an eye on updates in order to keep on top of them, and nobody pays an IT person solely to look after updates.
So I’m busy fixing Debbie’s printer, and Joe’s scanner, and Frank’s email that’s slowing the date in that strange format again because he somehow changed his regional settings to the UK again…
Do your IT team a favour and send them this. I promise you that they’ll be grateful, even if they don’t seem like it. Bluntly, this is a perfect amount of information.
I get requests that range from “please call me when you have a chance” to “this specific function in this specific program is doing a thing that’s different from what I see on a coworker’s screen and I like how their screen shows it better because it reminds me of my grandchild’s grade 3 school play where they played a tree.” Ok Linda, thanks, I really didn’t need to know about little Timmy’s school play… Users either give us nothing, or way too much irrelevant data. So this image shows exactly what is required for a diagnosis. Either the messages will be stopped or the update will be approved.
Jimmycrackcrack@lemmy.ml 8 months ago
If updates are approved automatically, why have a system where approval is required?
cyberic@discuss.tchncs.de 8 months ago
Because an iOS change might break existing corporate software? Just a guess.
echodot@feddit.uk 8 months ago
It’s usually because updates will be automatically approved after a certain amount of time but not immediately. Usually because they’ll be some business critical corporate app and we have to make sure that the iOS update isn’t going to break it.
Will do love breaking apps. Normally the app developers would get for warning of updates and be able to update their apps to accommodate but a lot of corporate apps won’t be run through the app store they’re just loaded in via some management tool. The corporate apps tend not to get any warning.
And all of the above is assuming that the app is developed in house which often it isn’t so you’ll need to hire a developer team to update the app, which again adds more time.
ilinamorato@lemmy.world 8 months ago
I’m not in IT, I’m an SE, but I do wonder if their system automatically approves minor updates but requires manual intervention to approve major updates?
Or maybe it provides the functionality for them to turn off the automatic approval if they’ve done testing while the update is in beta and discovered issues that need to be addressed?
Or maybe it’s just a crufty relic of a previous IT regime when they actually did have to manually update everything, but disabling that specific checkbox would cause downstream issues they hadn’t considered. Or it’s an edict of the management that they have approvals enabled, but they don’t care whether it’s automated or not.
In my experience all enterprise technology policy is basically just three Windows scheduled tasks in a trench coat, so I also wouldn’t be surprised if it’s all of the above.
winterayars@sh.itjust.works 8 months ago
Yep, they may not know what’s going on, there may be a bug in their system, either the update nag or the block on the new update may be incorrect.