A column on irritating software updates

[Hanno Labuschagne]

A column on irritating software updates

Even if you only have a handful of apps on your smartphone, the updates developers push out every few days easily add up to hundreds of megabytes per month.

This letter to the editor comes from Paul Riekert, a music composer and audio specialist. Music lovers may recognise him from his industrial music project Battery 9.

 

[borro]

 

[Solitude]

Battery 9 brings back such fond memories.

 

[umamankandla]

With some apps, the only reason they update the app is to make you now pay for a feature that was free...which is fine, but don't act like its fair to charge $199 a month for some simple feature like personal history. And yes, there are many apps that charge that much

edit: Sorry, R199, not $...

 

[simonbuerger]

Yeah that might be true for some apps. But speaking as an app developer - just because you can't see the reason for an update doesn't mean there isn't a valid one. But you really can't skip WordPress updates because it's probably the single most targeted platform on the internet. Most of the updates involve patching for some kind of zero day or other, ignore at your peril as there are literally bots constantly trawling sites looking for exploitable versions of WordPress and it's plugins...

 

[bwana]

Google is the absolute worst when it comes to updates. Ended up uninstalling many of their apps because of it.

 

[RedViking]

Looking at Google and their apps for simply forcing updates.

They do? Oh, didn't notice.

Oh well. I am so upset now.

 

[The Web Space Bar]

Some updates contain vulnerability patches.
There are low hanging fruit when malicious people wish to break into sites / devices / servers / etc and the first check usually pertains to missing patches. Checks for exploits against out-dated software can result in a successful exploit of a known vunerability. This applies to everything from routers to operating system software on your phone and yes even to wordpress. Updating could break it, not updating could be worse.

 

[Moto Guzzi]

Digital is the only concept that never matures from birth, and thats actually a big gigantic problem. How much bandwith does only updates eat up and the hardware construction needed to facilitate just that, think about the resources wasted, look at the E-waste dumped in 3rd world countries. This is out of control, runaway train.
There should be a rule, everytime something updates, it must use less resources, work better and cost less, which will illustrate proudness of the effort.

 

[Swa]

Yeah that might be true for some apps. But speaking as an app developer - just because you can't see the reason for an update doesn't mean there isn't a valid one. But you really can't skip WordPress updates because it's probably the single most targeted platform on the internet. Most of the updates involve patching for some kind of zero day or other, ignore at your peril as there are literally bots constantly trawling sites looking for exploitable versions of WordPress and it's plugins...

Unfortunately it's true for the majority. The biggest problems with online is carelessness and attention to detail. Developers no longer care about making robust apps and doing proper testing like the days where you had to rely on cover CDs and floppies (yes, SA is the only place that uses the term stiffy) through the post to get an update out. Because it's so cheap to do an update now they've become the order of the day with developers not thinking they cost time and money on the other end.

The focus should be on not doing updates like it used to be. That means designing good software from the start and making sure that every update after that is as robust as can be because it's hard to fix it afterwards. It's not true that patching often results in more secure software as there's plenty of software that were available on disk only that to this day is still immune. What's true is that bad development practices lead to insecure software. Let's also be frank here, hackers use tried and trusted methods of breaking into sites. They rarely invent new ones. Most vulnerabilities are either buffer overflows or unescaped user input meaning developers were careless in the first place.

And if you still feel you must update often at least give an indication of fixes (if any) and whether it's purely cosmetic or functional or security related. If it's security then indicate what the fixes are and what the risks and consequences are of not upgrading. And please make sure the update doesn't just tinker with stuff that already works fine and breaks it in the process.

In short make sure updates are done carefully with consideration so they are a help rather than a contribution to the update plague.