XPost: alt.comp.os.windows-10   
   From: ithinkiam@gmail.com   
      
   On 31/03/2024 19:17, Newyana2 wrote:   
   > "J.O. Aho"  wrote   
   >   
   > | > The   
   > | > whole approach is a ridiculous mess. How could quality control   
   > | > possibly be carried out on so many constant changes?   
   > |   
   > | Quite simple, most open source projects can get free static code   
   > | inspection (this can be automated say when a pull request is made), a   
   > | review is always needed before code are merged (how good it is depends   
   > | on the maintainers, all from sloppy microsoft standard to BSD high   
   > | standard) . This is the same way as most closed source projects also are   
   > | done.   
   > |   
   >   
   >    I don't see it as a closed vs open issue. Microsoft   
   > now do the same dripfeed updating. Essentially, the   
   > SOHo customer base are now an unpaid beta testing   
   > army.   
   >   
   >    I've had to make efforts to block these unknown updates   
   > in both Win10 and Suse. (And yes, it is in the 100s. I had   
   > my firewall down briefly after a week or two when Suse couldn't   
   > call home. It told me I had 360 updates waiting. What are   
   > they? Who knows. Most of the ames are not informative, even   
   > if I wanted to look through 360 updates.   
      
   Linux package updates are pretty informative. Especially if you want to   
   differentiate between feature updates and bug fixes or security updates.   
      
   > It's nuts. I didn't   
   > agree to be a beta testing volunteer for programmers who   
   > can't stop fiddling. I'm guessing they may spend more time   
   > rebuilding the install package than actually writing the software.)   
      
   You'd guess wrong.   
      
   >    The way it used to work is that software was thoroughly   
   > tested before release. Then another version might come out   
   > in maybe a year.   
      
   There's a reason why that doesn't happen anymore: it sucked. That was   
   the WinXP model which ultimately failed catastrophically (see WannaCry).   
   You had to wait until the next Service Pack in order to secure your OS   
   which may have been vulnerable for several months.   
      
   > t that point people might try it out, or they   
   > might wait for reviews. And one could easily find a list of   
   > actual changes in the new version. Most of my Windows software   
   > hasn't been updated in ages and still works fine. But Microsoft and   
   > Linux are now both guilty of seat-of-the-pants updating. If it   
   > isn't stopped, Windows will show a message at boot every few   
   > days: "Please wait. Installing updates."   
   >   
   >    Apple is a different thing. They serve a consumer-only audience,   
      
   That's simply not true. There are whole professional industries which   
   are Apple-centric.   
      
   > updating periodically with stable releases and   
      
   Security updates can happen at any time. Since release of the latest   
   version of macOS in September there have been nine updates, with five   
   being security/vulnerability specific releases.   
      
   > quickly dropping   
   > support for older products.   
      
   Which from a security standpoint works very well. Apple long ago stopped   
   selling OS updates - which Microsoft still kinda does - as it made sense   
   to have as many users as possible on the latest and most up-to-date OS   
   version.   
      
   Charging for updates means users won't update in a timely manner and   
   that leaves MS with the headache of having to support multiple versions   
   concurrently which is expensive and inefficient.   
      
   > Their aim is to sell a lot of very   
   > dependable devices to a tech-illiterate customer base, which is   
   > a different business model.   
   >   
   >   If someone screws up and needs to issue a fix, that's fine.   
   > But it shouldn't happen very often. An OS on a computer that's   
   > actually in use shouldn't be getting dripfeed updates.   
      
   Of course it should. The bad model is that all updates need a reboot   
   (e.g. windows and macOS), whereas in linux most updates can happen in   
   the background with the system still running.   
      
   > It should   
   > be getting updates rarely and then with good reason. MS know that.   
   > That's why they let corporate customers update periodically and   
   > test out the changes before rolling them out.   
      
   And corporate customers apply them as they're released. The cost of   
   internally verifying them and thereby delay applying highly critical   
   vulnerabilities is not worth it. Can you imagine the damage to   
   reputation if Corp X was victim of a 0-zero day vulnerability and held   
   to ransom simply because they chose not to apply a patch in a timely   
   manner?   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)