Skip to main content

Who has the Right to Perform Updates on your Computer and how Important are they?

These days, it seems that just about everyone feels that they have the right to update your computer automatically and for the least important applications.

But the questions need to be asked;

  1. Exactly how critical is the update and what will happen if I don't do it?

  2. How much testing has been done on the impact of this update on the applications I like to run?

  3. What is the update doing to my startup?

  4. Who gets to decide the timing and what warning is given?

  5. What will the application do to my network?




I'm not going to attempt to answer these questions in this post. I'm basically just going to whinge and then post updates as I get my policy in order. At the moment, I don't know what the best answers are.



The Microsoft Whinge
Microsoft used to provide only important security updates as "critical" but they are now putting out all sorts of unwarranted updates, like Internet Explorer 7, via the automatic distribution system.

The really annoying thing about Microsoft's update strategy though, is that they believe that they have the right to reboot your PC without your permission just because you don't seem to be doing anything much at the time.

I often leave my PC running overnight to do big things, such as download large files, convert pictures to DVD with fancy fades etc. In Microsoft's view, I'm not using my PC (keyboard and mouse), so it's alright to reboot.

There's worse though, much much worse.. I've left the automatic update on the recommended settings on servers just to see what will happen... Microsoft thinks nothing of rebooting the domino server just to put an IE update on it. I don't even use IE on my servers but Domino really needs to run 24x7.

I've also seen the Microsoft update reboot a server in the middle of a backup job.

Needless to say, I've turned it off on the servers I care about but now there are some serious considerations at work as to whether or not we need to turn it off on all our PCs as well.

Other Update Culprits
Microsoft isn't the only one, there are lots of other update culprits too with probably the worst of these being;


  • Sun Java
    Aside from being overly interactive and very slow to update, the sun Java update has one particularly nasty flaw. I've never seen "good" come from it. In other words, I've never had an instance where something that didn't work, suddenly started working after the update. Of course, I've seen plenty of things go the other way - for instance, I can no longer remotely manage our Symantec Firewall from my PC. Luckily, I have another un-updated PC I can use. This update should certainly be stopped.



  • Anti-Virus (Symantec and McAfee)

    Last Thursday, McAfee decided to do an automatic update to their personal firewalls. There were a number of side-effects. The update blocked most applications, including those previously given authorization, from the internet. It forced users to reboot, sure, it did give them a Yes/No choice but it also prevented any access to the file servers (bad luck if you had open files). Finally, it reset everything back to an "untrusted network" status. The timing was very unfortunate as Thursday was our "Board of Director's meeting day" and everyone was in a rush. It basically meant that I had to drop everything to deal with the problem - and it took all morning.

    Although the update was messy, at least it worked. We ditched Symantec about a year ago because it was deploying updates which failed regularly. From the look of the news, this is still happening - Article: Anti-virus cock-up paralyses millions of PCs (thanks Anna for the link).

    So should Anti-Virus updates be turned off - certainly not - but there has to be a better way of testing them first. I'll be contacting McAfee today (hopefully) and will post some results (if I get them) here.



  • Adobe Acrobat

    Adobe should win some kind of award for the worst deployment mechanism for updates. Where else can you find an update system that wants to reboot in the middle of an update and then continue installing. Also - why do they keep trying to sneak extra bandwidth hogging software in? Photoshop LE? Yahoo Toolbar? Come on, if we wanted it we would go get it ourselves. You should certainly remove the automatic Acrobat update utility from your computer. It doesn't serve any useful purpose as far as I can see.



  • RealPlayer

    Unlike its nice brother Quicktime, RealPlayer loves to be automated and loves to be updated. I don't play a lot of realplayer stuff but I've noticed that it refuses to play files and wants to update almost every time I use it. Unless you absolutely need to access Realplayer things, this belongs OFF your system - not the updates, the whole application. If you do need to run it, go through the preferences and file association with a fine toothcomb, nearly everything is NOT what you would want. Oh, and get it out of startup.





Mucking Around with Startup
This post is getting long, so I'm not going to worry about covering startup here suffice to say that you should get your hands on Mike Lin's excellent Startup Control Panel Applet and start blowing unnecessary things out of startup. I'll explain how to identify things in another post, but for the moment, consider removing the following from startup;


  • Adobe Acrobat Speed Launcher

  • Adobe Acrobat Assistant

  • Quicktime Tasks

  • iTunes Helper

  • RealPlayer

  • Sun Java Update Sched

  • CD Burner Utilites (like Nero)

  • MS Messenger unless you use it

  • Spyware - such as anything starting with WhenU



You don't need these applications in startup, they add a lot to the load-time of your computer. If you need Acrobat, you can start it (or it will start when you open a PDF file) - you may need to wait a few seconds, but better to lose a few seconds there than during startup every time. The same applies for most of the other applications.

Comments

Popular posts from this blog

How to Change Your Notification Options for New Lotus Notes Mail in version 8.x

Don't worry, I'm not patronizing you (my readers), I just decided to re-document this for one of our internal users and thought you might want to be able to use it in your own user documentation. WHAT IS THIS DOCUMENT ABOUT? Some people who don't get a lot of mail, like to be notified when such an event occurs. Notification can be; via a sound via a pop-up box via the system tray (where the computer clock is) The pop up box looks like this; Other people, who like myself, get too much mail would rather not be notified. The aim of this document is to tell you how (and where) to turn these options on and off. CHANGING YOUR SETTINGS To change your settings from the Notes 8.x client; On the Menu, click File , then Preferences... On the left hand side , click on the little plus sign to the left of Mail to expand the options. Click on the option marked Sending and Receiving . In the middle section, under receiving, you can control your notifications. If you untick the box mark...

How to Create a Bootable DVD Using Nero Burning ROM 9

I often need to create bootable CDs and DVDs but it's weird because I frequently end up buring myself a new coaster instead. It's not that the process is difficult, just that nero has a few too many options and I forget which ones to choose and end up picking the wrong one. I figured that the best way to avoid this mistake in future would be to write the steps down. Procedure Insert CD or DVD into your DVD Burner. Start Nero Burning ROM 9 Choose DVD-ROM (Boot) or CD-ROM (Boot) depending on what you're creating You'll be prompted for a disk image source. Choose a Nero Source - you'll usually find them somewhere like this... C:\Program Files\Nero\Nero9\Nero Burning Rom\DOSBootImage.ima Leave the Boot Locale as English - unless you really need a different keyboard layout Tick the box marked [X] Enable Expert Settings Choose Hard Drive Emulation and leave any other settings as they are. Click the button marked New Add any files you want but don't try to add operati...

How to Create an Auto-Response Mail Message in Lotus Notes 8.5.3+

Why would you do this? Suppose that you have an externally accessible generic email address for your company; support@mycompany.com or info@mycompany.com. You might expose this to the web and allow people to send messages to you. Setting up an auto-response email will tell the senders that their message reached its destination and that it will be dealt with accordingly.  It's also good practice to include links to FAQs or other useful information. Why 8.5.3 The techniques we'll be using here work in older versions of Notes but some of the options seem to have moved around in 8.5.3.  I figured it was a good time to show you where they've moved to. The Procedure Start Domino Designer and open the Mail file to be modified.  A really quick way to do this is to right-click on the application tab and choose "Open in Designer". In the Left hand panel of designer, expand Code and then double-click Agents.  A new window should appear. Click the action ...