--- bortzmeyer@nic.fr wrote: From: Stephane Bortzmeyer <bortzmeyer@nic.fr> Rich Kulawiec <rsk@gsp.org> wrote a message of 10 lines which said:

Watch what you wish for: you might get it. The number of attack/abuse vectors (and the severity of their consequences for security and privacy) involved in doing auto-update may rival those involved in not doing auto-update.

Also, there is the risk of getting updates that will disable some features, if there is a change in the commercial strategy of the vendor <https://boingboing.net/2016/09/19/hp-detonates-its-timebomb-pri.html>. All these risks are documented in RFC 8240, a highly recommended reading. ------------------------------------------- Regarding the HP example story, won't natural attrition fix this? My stuff has been in storage for well over a year for various reasons and if I pull out my HP printer (which has non-HP cartridges) and it does this to me, I surely won't get another one. I'm also sure I'd be the norm on this as it would anger other non-technical HP customers, as well. (I was on the fence with HP anyway as they try to take over my equipment too much) scott ps. Who knows, I don't let my printer talk outside my network anyway, so maybe I didn't get the update.