Thursday, September 24, 2009

A good list of reasons not to have an always active update daemon.

 

Here are a few reasons why an always-active daemon (software speak for a tiny app that runs in the background) for handling software updates is a bad idea:

  1. It opens up an always-on tunnel to Google. While Google may be confident its update servers will never be compromised, how confident are you? If a third party gains control of that server, it can inject nearly any code it wants into your machine.
  2. It’s always on, always looking for update. On an expensive, pay-by-the-megabyte EVDO network? Google Updater doesn’t care and will suck down any available updates without asking, costing you money.
  3. Google updates Google Earth or Picasa or Gtalk, but the update ends up having a bug that wipes data from your drive. Sorry, too late — the auto-updater already grabbed the latest version without asking. Kiss your data goodbye.
  4. Administering a large network that needs to be locked down and tightly controlled? Cross Google software off your list. All the above problems apply, but they’re cascaded across your network for added headaches.

via Why Google’s Software Update Tool Is Evil | Epicenter | Wired.com

Mozilla and hypocrisy

Right, but what about the experiences that Mozilla chooses to default for users like switching to  Yahoo and making that the default upon ...