The recent attack of Ransomware carried out by WannaCry has raised a new debate on computer security, and among the questions that has generated the attack is the one of who was to blame for this cyber attack : Microsoft for not having any more impact on the publication of the patch, or The users for not applying it.
The truth is that activating a system of automatic and forced updates has been something that has always given many headaches to software companies, who have tried to use that scheme without success. These mandatory updates would solve problems like the one that affected us with WannaCry, but not all are advantages with those updates without permission.
Windows 10 in the limelight
The release of Windows 10 was controversial because of the way in which Microsoft tried to force the upgrade to the new version of Windows. That disaster caused not only criticism of users, but also lawsuits for a process that ended up losing data to some of them.
Those decisions also extended to the way the system updates worked. Things changed a lot with previous versions of the operating system: Microsoft no longer let us select what to upgrade and what not, and we were in a process where patches, improvements and drivers are downloaded and installed at the same time. The only parameter we could control was the time when we would restart the computer to activate the changes.
There were other measures that tried to alleviate the criticism. The most relevant, the care of users with limited or metered connections in which the consumption of data carries charges. Microsoft relieved – though not completely – those automatic downloads in those cases, even allowing WiFi networks and Ethernet networks to be treated this way.
Only Chrome OS dares with silent updates
The update policy imposed by Microsoft is the clearest example of the dilemma facing all software developments, large and small. In recent times, operating system developers have opted for schemes where updates are automatically detected and downloaded, and then the user is encouraged to apply those updates by installing and restarting the computer. This is usually necessary in both Windows and MacOS on the desktop SSOO. In this article, we focus on these platforms, although much of the speech is valid for mobile platforms such as iOS or Android.
Other platforms approach this issue in a radically opposite way. On one hand we have Chrome OS, the operating system of Google that stands out precisely for the “silent” downloads of updates that are applied without the operating system asking us anything. A small icon appears on the taskbar for informational purposes, and from it we can simply decide if we want to restart the computer to apply those updates immediately. Otherwise, the system will be updated the next time we reboot.
In Chrome OS it is also possible to manually “force” updates if we are impatient, but is that as with Chrome browser we have different levels of updates according to the rush we have to have the latest. Channels (Stable, Beta and Dev) give us access to new developments in beta, or stable, and anyone can decide what type of updates they want to receive.
The Google platform is enviable in that management of updates, which provide security and are also very informative – there is a blog dedicated to it – other operating systems do not give as much information on the news – and the company also maintains precise details on the deadlines of each machine based on this operating system.
Google, as always, takes care of everything to rid its clients of these much-needed tasks. You can do this thanks to the architecture of an operating system with a different conception: almost everything based is based on the browser and the “application store” is the only simple method to access new tools (web). Does that remind you of anything? Exactly: It is a little scheme that Microsoft wanted to continue with its newly introduced (and criticized) Windows 10 S.
The other great protagonist of this market, Linux, is equally exemplary, although from another perspective: that of control and options. It is possible to automate updates, the user is always at the controls, and it is normal for him to be able to proactively search for and apply updates with the package management systems of the distributions.
The stance is completely opposite to that of Google with Chrome OS, and as in other sections Linux returns control to the user. The system architecture is also notable for not requiring reboots: in the vast majority of cases the updates are installed and implemented immediately, and at most will have to restart services (with interruptions of only a few seconds in the worst case) to take advantage its advantages and new benefits.
You may also like to read: How to Speed up Mac?
The fundamental advantage: More secure and efficient systems
Operating systems such as those developed by Microsoft have long been trying to make your operating system more secure, something difficult if when you detect and fix a security patch users do not apply it. That is the main argument of these automatic and “forced” updates, but there are other benefits, of course …
Vulnerabilities (almost) under control: Although we will never be completely sure, these systems are responsible for keeping all components of the operating system up to date, something that should in fact also extend to applications that like Adobe Flash have served for years Of malware. That Windows is updated in a transparent and direct way effectively every time Microsoft fixes a problem our computer receives that correction and free us from possible misunderstandings or forgetfulness if we control the process manually.
Less fragmentation: As with iOS, forced updates help reduce fragmentation, and avoid conflicts since it is based on the fact that all users are up to date with the latest version, which gives advantages to the latest security improvements Such as practices, efficiency or even components that are necessary to implement new features in the future.
Always to the last: One of the pillars of Windows 10 is its conversion to a software-as-a-service (SaaS) model in which we forget some of the versions (although we are still talking about compilations) and we have a scheme similar to that of A Linux distribution with rolling release philosophy : these distros are continuously updated and there are no different versions with successive numbering that are actually practically the same. The automatic updates guarantee that we always enjoy the latest, and do it without having to worry about anything. Another good example of this approach is, again, Chrome OS.
Obvious disadvantages in loss of control
The implementation of a system of automatic and mandatory or forced updates also carries some important disadvantages, and in fact they have all made companies like Microsoft continue to take advantage of a notification scheme to give that control to the user. Among these arguments are the following …
Business users: Applying updates to thousands of jobs can pose a great risk to companies, as those updates may conflict with other software components used in daily operations. That’s what makes these updates in companies gradually applied and that the side effects of this update are evaluated first in a small group of machines.
Beware of my bandwidth: Although in developed countries, many users enjoy flat connection rates that allow large amounts of data to be downloaded without problems, in other scenarios and regions these forced updates could eliminate the quota that users have. In the Sidney Morning Herald they told the case of users of the Cook Islands, who paid about 40 euros for a quota of 3.5 GB monthly in 2015, but also pointed out that in Windows 10 the P2P system that also “borrows” The user bandwidth for updates does not help in those cases.
Conflicting updates: None of the great technology can foresee everything, and forcing updates would mean doing so with all the consequences. Although these updates often go through a strict testing phase, unexpected conflicts may appear. In fact, a security patch (KB3074681) that caused the file browser to “hang” or a KB3081424 that caused a constant reboot of the computer appears, as it did when Windows 10 was launched. Although we put Microsoft as an example, these problems can arise (and arise) in other operating systems, both desktop and mobile.
Loss of control: This is for many the key argument of that philosophy of Microsoft. The control and options provided by Microsoft do not reach the level of those of the Linux distributions, but certainly go far beyond what OSX / macOS offers. Although there are opinions of all kinds and each scheme is defended by its users in a forceful way, a scheme with forced automatic updates causes that we have to sacrifice part of the control that we had before. We do it to gain security, true, but the price may be too high for some users and environments.
The debate, therefore, remains open: Do you think that the new orientation of Windows 10 S may therefore be adequate to improve security? Is there an ideal solution for update policy? Difficult questions that not even the big ones have managed to answer in a totally satisfactory way for all its users.
You may also like this site.