I feel like this is the fake reason given to try to hide the obvious reason: automatic updates are a power move that allows companies to retain control of products they've sold.
Yep. And even aside from security, its a nightmare needing to maintain multiple versions of a product. "Oh, our software is crashing? What version do you have? Oh, 4.5. Well, update 4.7 from 2 years ago may fix your problem, but we've also released major versions 5 and 6 since then - no, I'm not trying to upsell you ma'am. We'll pull up the code from that version and see if we can figure out the problem."
Having evergreen software that just keeps itself up to date is marvellous. The Google Docs team only needs to care about the current version of their software. There are no documents saved with an old version. There's no need to backport fixes to old versions, and no QA teams that need to test backported security updates on 10 year old hardware.
Its just a shame about, y'know, the aptly named crowdstrike.
Fine. But Google can mass-migrate all of them to a new format any time they want. They don’t have the situation you used to have with Word, where you needed to remember to Save As Word 2001 format or whatever so you could open the file on another computer. (And if you forgot, the file was unreadable). It was a huge pain.
Yes it is better than the Word situation, but no it isn't not caring. There do exist old format docs and Google does have to care - to make that migration.
Yes, they have to migrate once. But they don’t need to maintain 8 different versions of Word going back a decade, make sure all security patches get back ported (without breaking anything along the way), and make all of them are in some way cross compatible despite having differing feature sets.
If google makes a new storage format they have to migrate old Google docs. But that’s a once off thing. When migrations happen, documents are only ever moved from old file formats to new file formats. With word, I need to be able to open an old document with the new version of word, make changes then re-save it so it’s compatible with the old version of word again. Then edit it on an old version of word and go back and forth.
I’m sure the Google engineers are very busy. But by making Docs be evergreen software, they have a much easier problem to solve when it comes to this stuff. Nobody uses the version of Google docs from 6 months ago. You can’t. And that simplifies a lot of things.
They have to migrate each time they change the format, surely. Either that or maintain converters going back decades, to apply the right one when a document is opened.
> but they don’t need to maintain 8 different versions of Word going back a decade, make sure all security patches get back ported
Nor does Microsoft for Word.
> With word, I need to be able to open an old document with the new version of word, make changes then re-save it so it’s compatible with the old version of word again.
You don't have to, unless you want the benefit of that.
And Google Docs offers the same.
> Nobody uses the version of Google docs from 6 months ago. You can’t. And that simplifies a lot of things.
Well, I'd love to use the version of Gmail web from 6 months ago. Because three months ago Google broke email address input such that it no longer accesses the contacts list and I have to type/paste each address in full.
That's a price we pay for things being "simpler" for a software provider than can and does change the software I am using without telling me let alone giving me the choice.
Not to mention the change that took away a large chunk of my working screen space for an advert telling me to switch to the app version, despite have the latest version of Google's own Chrome. An advert I cannot remove despite having got the message 1000 times. Pure extortion. Simplification is no excuse.
It used to be the original reason why automatic updates were accepted and it was valid.
But since then it has been abused for all sorts of things that really are nothing more than consolidation of power, including an entire shift in mentality of what "ownership" even means: Tech companies today seem to think it's the standard that they keep effective ownership of a product for its entire life cycle, no matter how much money a customer has paid for it, and no matter deeply the customer relies on that product.
(Politicians mostly seem fine with that development or even encourage it)
I agree that an average nontechnical person can't be expected to keep track of all the security patches manually to keep their devices secure.
What I would expect would be an easy way to opt-out of automatic updates if you know what you're doing. The fact that many companies go to absurd lengths to stop you from e.g. replacing the firmware or unlocking the bootloader, even if you're the owner of the device is a pretty clear sign to me they are not doing this out of a desire to protect the end-user.
Also, I'm a bit baffled that there is no vetting at all of the contents of updates. A vendor can write absolutely whatever they want into a patch for some product of theirs and arbitrarily change the behaviour of software and devices that belong to other people. As a society, we're just trusting the tech companies to do the right thing.
I think a better system would be if updates would at the very least have to be vetted by an independent third party before being applied and a device would only accept an update if it's signed by the vendor and the third-party.
The third-party cold then do the following things:
- run tests and check for bugs
- check for malicious and rights-infringing changes deliberately introduced by the vendor (e.g. taking away functionality that was there at time of purchase)
- publicly document the contents of an update, beyond "bug fixes and performance improvements".
What you're describing is what Linux distro maintainers do: Debian maintainers check the changes of different software repos, look at new options and decide if anything should be disabled in the official Debian release, and compile and upload the packages.
The problem you are complaining about here is the weakening of labor and consumer organizations vis a vis capital or ownership organizations. The software must be updated frequently due to our lack of skill in writing secure software. Whether all the corporations will take advantage of everything under the sun to reduce the power the purchasers and producers of these products have is a political and legal questions. If only the corporations are politically involved then only they will have their voice heard by the legislatures.
no reason why both can't be true — the security is overall better, and companies are happy to invest in advancing this paradigm because it gives them more control
incentive can and does undermine the stated goal. what if the government decided to take control of everyone's investment portfolio to prevent the market doing bad things? or an airplane manufacturer gets takes control of its own safety certification process because obviously its in their best interest that their planes are safe? imposed curfew, everyone has to be inside their homes while its dark outside because most violent crimes occur at night?
how much lathe-ing have you done recently? did you load files onto your CNC lathe with an SD card, and thus there is a computer, which needs updates, or are you thinking of a lathe that is a motor and a rubber band, and nothing else, from, like, high school woodshop?
I bought a 3d printer years ago then let it sit collecting dust for like 2 or more years because I was intimidated by it. Finally started using it and was blown away how useful it has been to me. Then a long time later realized holy shit there are updates and upgrades one can easily do. I can add a camera and control everything and monitor everything from any online connected device. I always hated pulling out the sd card and bringing it to my computer and copying it over and back to the printer and so on. Being online makes things so much easier and faster. I have been rocking my basic printer for a few years now and have not paid much attention to the scene and then started seeing these multi color prints holy shit am I slow and behind the times. The newer printers are pretty rad but I will give props to my Anycubic Mega it has been a work horse and I have had very little problems. I don't want it to die on me but a newer printer would be cool also.
There are immense benefits to using modern computing power, including both onboard and remote functionality. The cost of increased software security vulnerability is easily justified.
1. Nobody auto updates my linux machines. They have no malware.
2. It's my job to change the oil in my car. When Ford starts sending a tech to my house to tamper with my machines "because they need maintenance" will be the day I am no longer a Ford customer.
The irony of this comment is almost perfected by the fact Ford were one of the leading companies in bringing ECU's (one of the myriad of computer systems essential to modern vehicles that can and do receive regular updates) to market in checks notes 1975.
Those Linux systems that aren't getting updates must be the ones sending Mirai to my Linux systems, which are getting updates (and also Mirai, although it won't run because it's the wrong architecture).
No malware? Only if you have your head in the sand.
I assume that comment was saying that they handle the update process and that their machines don't have any malware on them.
I ignored it because it was somewhat abusive and is missing the problem that automatic updates are trying to solve: that most people, but not all, don't do updates.
Outage aside, do you feel safe using it while knowing that it accepts updates based on the whims of far away people that you don't know?