Comment by deepsun
7 months ago
> user who does not allow auto updates for MacOS.
Many security compliances require auto-updates to be on. It's thought of to be a lesser evil, because many (most) users never update their OS/browsers, which is worse.
7 months ago
> user who does not allow auto updates for MacOS.
Many security compliances require auto-updates to be on. It's thought of to be a lesser evil, because many (most) users never update their OS/browsers, which is worse.
Well it could be solved on two fronts, you could issue the update and let users know that the update needs to be installed and will be automatically installed if not done by a specific timeframe.
If there are security related updates where the risk is severe then they may auto update.
The point is it’s up to the device owner to make their own risk calculation instead of the benevolent manufacturer
the point was that manufacture is forced to have auto update enabled in name of security compliance. so, this issue needs to be solved by compliance first
Well, my comment was from owner's side. An end-user corporation is the owner of a corporate device like car, so it can decide whether turning it on or off. I just commented that for any serious corporation auto-updates will be turned on, per compliance requirements applied to the corporation.
This is a hypothetical in this situation, car manufacturers are under no such obligation. Also, rules like this tend to get reversed once the true risk is realized- people dying that is. We do all kinds of things for very marginal improvements to security these days