3 Apr
2018
3 Apr
'18
11:04 a.m.
On Tue, Apr 03, 2018 at 10:54:34AM -0400, Rich Kulawiec <rsk@gsp.org> wrote a message of 10 lines which said:
Watch what you wish for: you might get it. The number of attack/abuse vectors (and the severity of their consequences for security and privacy) involved in doing auto-update may rival those involved in not doing auto-update.
Also, there is the risk of getting updates that will disable some features, if there is a change in the commercial strategy of the vendor <https://boingboing.net/2016/09/19/hp-detonates-its-timebomb-pri.html>. All these risks are documented in RFC 8240, a highly recommended reading.