Automatic and silent installation of security updates

Matthew Paul Thomas mpt at canonical.com
Fri Jul 8 21:45:19 CDT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wouter Stomp wrote:
>...
> The original bug (11856):
> The pretty red icon seems not to be sufficient for end-users, they
> often do not install security fixes.

This is a symptom of the general bug "the so-called 'notification area'
is too small to display notifications".

>                                      I suggest to open a popup at
> startup wich propose to install updates and allow to install them or
> deporte the upgrade.
> 
> Of course this is very close to update-manager. The update-manager
> should be able to BE that popup

Excellent idea. People don't read alerts, so using the update-manager
window to actually display the available updates should be an
improvement (especially for people who are familiar with what it looks
like).

>                                 if the list of upgrades are in an
> expander and with a phrase more like : « %i updates are available, for
> security reasons, you should install them now. Click on « install » to
> install them. ».

Or just show the list of updates without any intervention.

> If the user chooses to upgrade, the upgrade should be silent. A
> blinking/breathing icon in the tray is enough.
>...

I don't think that would work very well. The most common problem would
be people thinking that the installation had happened instantly, and
then shutting down or whatever before it could finish. Also, what if
people chose to install/uninstall other programs at the same time? Would
you show a progress window that included the things they had selected
manually, but didn't include the security updates?

> A problem is also that people that do not belong to the admin group
> have this mechanism (icons, etc.) but at the last moment, they realize
> they are not allowed to do such operations.
>...

That's not necessarily a bad thing. If the admin rarely uses the
computer, whoever *does* use the computer frequently will start nagging
the admin about "this Updates box that keeps coming up". This will make
the average duration of system vulnerability shorter than it would be if
the update interface was presented only to those in the admin group.
However, admins should be able to turn off the notification for public
or semi-public computers (e.g. those in a university lab or cybercafe).

- --
Matthew Thomas
http://mpt.net.nz/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCzzo/6PUxNfU6ecoRAkCaAJ9E6KTsDCUcedJ9frPxaml41TgTaQCfciBT
g7Ht7sSRdMfDkxh7b3EMjiI=
=MYfE
-----END PGP SIGNATURE-----

More information about the ubuntu-devel mailing list