Home
Graphics
To Update Or Not
If you've spent any amount of time reading best security practices there's
a good chance you've heard that you should always be using the latest software, but
is this always the case? Today I'm going to explain some pros for and cons against this mind
set and let you decide for yourself what the best practice is.
Pros for Updating
*Probably the biggest pro is that by updating you are patching the program/OS from any
known vulnerabilities thus lowering the attack vector a hacker has access to.
*You have the latest version meaning that you have all the new features the company has
avaliable.
*Because companies eventualy stop suporting a version by not updating you are more at risk.
Cons to Updating
*Even thou updates are suppose to make a system more secure there are times when the programs
code falls into the wrong hands and instead brings in something such as a backdoor. A
recent example of this can be read by clicking this link XZ utlis Backdoor Update.
Although this isn't a common occurance it is still a good idea to check to make sure the version of the program you are getting
is the version the devolpers intended.
*It is far more common for an update to break something that wasn't broken due to bad coding or misconfigurations
of said code than you would think after all it is very common to forget that even though alot of people who have
gotten deep into programing for a good reason are useualy good at not releasing programs that don't work they are
still humans who are bound to screw up every once in a while so it is a good idea to see if there are any known issues
before you update.
*Depending on what OS you are using and what your internet speed happens to be these updates could very well take
awhile to complete. For this reason you should never update a system when you need to use it such as work hours, instead
it should be done right after work hours on the system when you don't need the system for the rest of the day. As a side
note if this is your personal computer then idealy you'd want to update on a day you don't have to work in case it
does take a long time or if something does go wrong it is not determental to your work day.
*There are cases where a company either uses legacy systems that can't be updated what so ever or worse
by updating that system you cause a national emergancy because that system needs to stay online at all times.
The Problem with Forced Updates
Regaurdless on weather you think updates are only a good thing that creates a more secure enviornment for
everyone or you think alot of the time updates do more harm than good in the long run, there is one thing
that I think just about all of us can agree on and that is you should never ever force your users to update.
For one it is really annoying to your users anyone who's used Windows 10 knows exactly what I mean when I
say this.Not only is this annoying but it also sends a message of "just trust us we know what's best for you" even
though these same people have broken Windows 10 numerous times in the past, not to mention interupting people during
their work hours even if said person has explitly said not to interupt during these hours. The bottom line is even
if people choose not to update their systems as much as they should it is the responsibilty of the user
not the company to ensure their systems are secured. Just because a system is not fully up to date doesn't mean
that person is getting hacked nor does haveing the lattest software prevent someone from getting hacked into all
updates do from a security stand point is lower the options a hacker has in terms of getting in to your system.