Comment by QuadrupleA

Comment by QuadrupleA 19 hours ago

3 replies

View on Hacker News

Unfortunately companies use the "security boogeyman" to push ever-increasing ads, telemetry, performance degradation, features you probably don't want that disrupt your workflow and muscle memory, breaking API changes to libraries, etc.

If you could sign a contract with e.g. Microsoft (or hell, NPM) to only receive updates that explicitly fix bugs and security holes, that'd be amazing - but I've rarely if ever seen it.

DANmode an hour ago

Unfortunately it’s not just a boogeyman. That’s why it’s worked so well historically.

You are less secure if you wave off years of security patches.

Reply View 0 replies
deltoidmaximus 19 hours ago

During the early XP days Windows had granular updates where you could decline everything but security updates if you wanted. Even when they pushed out the Windows Genuine Advantage update (Which offered a user no genuine advantages at all, just possibly hassles) you could still decline it.

Reply View 0 replies
ryandrake 19 hours ago

Exactly--if I could guarantee that I was getting just security updates and bug fixes, I'd be happy to turn on automatic Windows updates (and application updates too, for that matter).

Reply View 0 replies