But it won’t install without the user taking explicit action. There is a compromise move that Apple could have considered: place a blatant red alert on the devices announcing that there is an update available, which Apple sometimes has done. People expect to be invited to do that and told that they are doing that. It seems to be deliberately discouraging most people from patching, so Apple can catch bugs missed internally. In effect, Apple is turning its more security-conscious users into beta-testers. Admitting this in a Reddit chat seems an odd way to tell people. And by not publicly announcing this on their homepage and via a news release, Apple comes across as hiding this and deceiving their users. Apple is handing Google’s Android a great marketing win by undermining one of Apple’s best advantages and differentiators. One of the key security arguments for Apple/iOS over Google/Android has been faster updates/patches. That would be fine had IT instructed users to not accept auto-update, but for those who wanted users to choose auto-update, it is decidedly not good.įrom a marketing perspective, Apple is hurting itself. This means IT (or someone who focuses on security) must check every day for updates and then choose whether to blast message/email that news to all users. Apple creating a patch and keeping it quiet - in terms of lagging auto-updates - is nothing shy of reckless.
Once a security hole is discovered, bad guys move in immediately, hoping to steal or disrupt what they can before the world patches the hole. Not flagging security patches is a tremendous problem. Why be a guinea pig if you don’t have to, right? That said, this can be dealt with by delaying things a day or two, not for a month. It wouldn't necessarily be a bad IT policy to deliberately not install the latest updates and to wait to see whether a new update causes things to blow up. Apple updates have a history of doing bad things to iOS devices. The users who are willing to wait are the ones that would have never chosen auto-updates.īy the way, auto-updates themselves are not necessarily the safest route.
/article-new/2018/04/VIP-alerts-apple-watch-800x862.jpg "Red Alert for apple instal")
This raises so many questions and some very serious concerns for IT and security admins whose users work with iPhones and iPads for business.įirst, doesn’t this directly contradict the implied intent of auto-update? Users select this option so that they are best protected. In short, despite activating auto-update, users may wind up waiting a month for a security patch unless they dig into settings every day on the off chance there’s an update to be found. And then 1-4 weeks later - after we’ve received feedback on the update - ramp up to devices with auto-update enabled.” In a Reddit conversation with user Mateusz Buda - it was first reported by Forbes - Federighi said: “We incrementally rollout new iOS updates by first making them available for those that explicitly seek them out in Settings.
0 kommentar(er)
