On 9/5/2013 9:58 AM, Jim Pingle wrote: > On 9/5/2013 9:43 AM, Jim Thompson wrote: >> On Sep 5, 2013, at 7:57 AM, Jim Pingle <[email protected]> wrote: >> >>> But it doesn't matter if the vendors issue a patch, people actually have >>> to install the update to fix it, and odds are high that typical end >>> users have no idea that is even possible or something they have to do. >> >> This speaks to a service that keeps the software updated. > > Cisco/Linksys caught a lot of flack for doing that[1][2]. Shipping with > an auto-update flag on can be unexpected and dangerous, but if it's > shipped off, it would probably never be turned on by those who need it most. > > For many end users it does make sense, but then again that's also yet > another channel that can be exploited to compromise the router, too.
To clarify a little since my reply was a bit short and could be misconstrued: I'm not opposed to auto-update if it's done securely and opt-in. Especially if you can schedule the time it takes place (e.g. specific day, specific time frame). If it's done with an eye on caution to secure the update mechanism and informing the user about what will happen and when, it would be a nice extra option. A few other random alternate strategies/improvements: * Send a notification some time (24 hrs?) before the update to give the user a chance to opt out of a specific update or reschedule. * Optionally have the update download to the unit so it is staged/ready and then notify the user it is ready to apply, and offer a means to schedule it from there. * Have a knob to control whether it would accept only point releases, minor version upgrades, and/or major version upgrades Jim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
