this post was submitted on 10 Feb 2024
415 points (99.5% liked)
Open Source
31224 readers
322 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
100% agree. I've always been shocked to see people claiming that automatic app updates are good for security. Having stuff being installed in the background on your device without your knowledge is good for security?
I understand the "we roll out an important security update and it quickly updates for all users" situation. However, I still want to chose what you install on my device. Look at what just happen with Simple Mobile Tools, how many unaware Google Play users now have spyware installed on their phones?
I think a pretty good solution for this, specific to mobile, is to require users to approve an update when permissions have changed. Most non technical users don't understand old software can contain security issues, they purely view updates as new bells and whistles. If these apps are actually malicious, they aren't going to include their new keylogger in the release notes nor release on fdroid. I think automatic updates for the predominantly non technical population is still safer.