Software updates are a part of everyone’s life. Auto-updates make the lives of software engineers, and the family IT support person easier. Sometimes, though, auto updates create more trouble than they prevent.
- UI/UX Change
- Feature removal
- Malicious Update
The list above contains three scenarios where auto-updates create unwanted changes.
My father-in-law has complained more than once about his iPhone app updates changing the layout/look/feel of the app. “They don’t design these things with older people like me in mind, I don’t want to re-learn it every time it updates.” Technology is hard enough to get some people to adopt the first time. Every incremental change to the software adds an additional reason to not continue it’s use.
In Mario Kart 64 there are sixteen tracks that you can race on. When it was released in 1996/1997 it had to be feature complete, there was no way to remotely update the game’s software on a Nintendo 64 console. In the decades since its release, there have been numerous glitches discovered to take shortcuts that the games developer never intended. Some are more well-known than others, and some are harder, if not nearly impossible, to achieve. To this day my friends and I will sometimes get together and play this game. We know of the shortcuts, and their risk vs. reward, and they are fair game. Its a glorious sight to see a friend attempt the shortcut on Rainbow Road and miss the landing only to fall into deep space. The shortcuts are a feature at this point, and if the game had the ability to be auto-updated most of these problems would likely be removed. Some would argue it is a security patch to make the game more secure and fair, but I would argue it is a feature of the game that I enjoy being removed.
Auto-update security has mostly been solved. Software update packages are signed with a private key and the software will only auto-update if the key matches. It has been shown that securing private keys is hard. With each additional software package you install and allow auto-updates, you are trusting that the developers have properly secured their signing keys. Another problem is that even if signing keys are secure, a malicious actor can inject the code during compile time, and have the developer sign the malicious binaries and distribute it legitimately. Solar Winds had their entire company’s business under a microscope overnight because a malicious actor used this technique against them.
Finally, auto-updates can take stable software with few bugs and without user input turn that same software into buggy and insecure software. These days most software companies and vendors are taking security more seriously, and many languages like Rust are designed to not allow certain types of low level memory bugs. The problem is that software is a product of humans, and humans are not perfect. Code is always getting more complex, and dependencies seem to always be growing, with each update and additional library you are introducing more of a vector for insecurity or bugs.
Auto-updates have many evangelists and do legitimately have security benefits, but leaving them enabled doesn’t come without downsides.
If you have time to waste, check out Summoning Salt’s video on the latest Mario Kart 64 shortcut and world record attempts.
Leave a Reply