Nostr

Skipper 1y ago

Enabling auto-updates is dangerous, yet I see so many #privacy #cybersecurity focused individuals recommending it.

You are giving whoever controls the updates full control over your software. With auto-updates, it is possible to:

🔸 Insert backdoors, spyware, and malware.

🔸 Add unnecessary features.

🔸 Remove features, make unwanted changes.

🔸 Add new bugs.

🔸 Use users like guinea pigs with shit like A/B testing.

🔸 Whatever else malicious developers want to do.

This is especially dangerous for browser extensions. It's common for developers of extensions to receive a ton of emails from "companies" trying to purchase their extensions for thousands of dollars. The goal? To do malicious stuff with the users who have them already installed.

Auto-updates can, and will be used for malicious stuff. Keep control of your software by making sure updating is always done manually.

Reply to this note

Please Login to reply.

Discussion

Islamic Audiobooks Central 1y ago

What about enabling it selectively for trusted software?

Skipper 1y ago

I disable automatic updates for all software, even those I trust. It's a good habit to check the changelogs before deciding whether or not to update it. For most softwares, it doesn't really matter if you are behind in versions. Browsers, though, make sure to always update them regularly.

#privacy #cybersecurity #opsec

516add19... 1y ago

These companies can force auto update even if turned off. Even the ISPs can do it.