ACLU Warns About Government-Mandated Malicious Software Updates

[Lucian Armasu]

ACLU released a guide teaching developers how to protect themselves against government requests that demand that they send malicious updates to their users.

ACLU Warns About Government-Mandated Malicious Software Updates : Read more

 

[x_elusiv_x]

The ACLU...sure, they are SUPER trustworthy.

 

[stdragon]

The ACLU...sure, they are SUPER trustworthy.

They're also cowards. https://reason.com/blog/2018/06/21/aclu-leaked-memo-free-speech

 

[Non-Euclidean]

Don't Panic!

The ACLU is on your side. That is, as long as you believe in censoring people who aren't PC, as long as you are are not white and as lonng as you don't own a firearm. Oh, and as long as you believe in men using the lady's bathroom also.

 

[stdragon]

I much prefer the message and leadership of these sorts of issues from the Electronic Frontier Foundation

https://www.eff.org/

 

[Tanyac]

Regardless of whether the ACLU lack integrity there is a point here.

I typically block all applications that don't need internet access just to work and disable automatic updates for several reasons. Poor development quality leads to updates that break the application(s) that were working fine. Developers love to change UIs just for the sake of change, creating confusion and loss of productivity, and finally, you never know what's in an update. There are no trustworthy software companies. Their motives for automatic updates are not honorable and never have been. Software developers should not be trusted. Telemetry is in everything now. Governments should be trusted even less.

 

[Sleepy_Hollowed]

That used to be a worry when auto update was in its infancy... certified updates could be a bit harder to detect if the government targets say enterprise versions or older versions of operating systems with paid custom patches.

 

[hotaru251]

jokes on them....i dont even have a cam or mic connected to my desktop!


but for reals im more concerned about spectre updates slowing system down than being target of malicious updates :/

 

[faoimv4]

I love the comments from people "triggered" by the very existence of an organization founded to protect their rights.

 

[jabliese]

"One such tactic is implementing “mirrorable distribution” for software updates so users can get the updates from each other"

Yea, that won't go wrong. Nice try ACLU, but you need better geeks.

 

[knightmike]

I only use automatic updates for games. I've been burned too many times allowing automatic updates. Never again.

 

[Christopher1]

Knightmike, how have you 'been burned'? 20 years ago yes, having automatic updates enabled was bad because customers were used as 'beta testers'. Today? I have never had an update cause problems on my system to any application I was running.