in Apple, commentary, iOS, tech

Security vs Usability

I’ve come to a point where I do **not** update apps, plugins, software in general. I know that’s a regressive approach to safety, but safety can’t keep trumping usability all the time.

Source: My comment on Stephen’s Notebook

 

Every few days, I have a conversation about security vs usability somewhere. With my iPad Mini, I blindly trusted Apple to do the right thing and they’ve screwed me over. It’s a beloved device, destroyed completely by iOS 9.

So I’ve basically given up on this bullshit harp that companies sing of ‘security’ to shove software updates down our throats. Sometimes it’s their stupidity, and sometimes it’s just them being sinister. The new Microsoft is the old Microsoft. The benevolent Apple is an insidious Apple. Don’t get me started on Facebook, twitter, and Google. Gmail is just the latest casualty of our overzealous overlords.

Yes, security is a big problem. Yes, it needs constant vigilance. But just like national defense budgets, one key phrase doesn’t allow organizations to completely railroad people’s expectations, asks, hopes, and in this case, UX.

If you’re concerned that by not updating software, you’re living on the edge, restrict the things you do on that device, while keeping other devices that are completely updated and secured. Use only frequently updated third party browsers instead of the default options. Read up on the latest security scares on the Internet and just be aware of the situations you can get into. But most importantly – back up. Make frequent backups of things you care about. I don’t care if it’s as much as letting iCloud run its course every night, and Google Photos siphoning off your pics. Just do it so that if you brick your device, or get hacked, you’re not set back a hundred years.

99% of security is just keeping your eyes open.

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. Maybe. Maybe not.
    I always update macOS, iOS, tvOS, whenever a security update is available, and my three Linux servers on a weekly basis. I have never had an update go wrong. To me (and many security professionals), convenience is the enemy of security.
    But of course, you know what I do for a living. So maybe my advice to always, always, perform the security update for personal devices will be ignored. Fifteen years of experience and knowledge will count for nothing with people like Stephen Pieper.
    I’ve got a wife and kids and elderly parents and elderly parents-in-law. I’ve got people to protect.
    To quote David Halberstam writing about political leaders,

    They were brilliant and they were fools.

    Do you think that companies like Equifax and Yahoo should be as nonchalant about security updates?