…The benefits are obvious: fast turnaround time between spotting a problem and getting it to the customer, very low cost of distribution and last but definitely not least: automatic updates are now a thing…And that’s exactly the downside: your software will be more than happy to install a broken, changed, reduced, functionally no longer equivalent, spyware, malware, data loss inducing or outright dangerous piece of software right over the top of the one that you were using happily until today. More often than not automatic updates are not done with the interest of the user in mind. They are abused to the point where many users—me included—would rather forego all updates (let alone automatic ones) simply because we apparently can not trust the party on the other side of this transaction to have our, the users, interests at heart.

It isn’t rare at all to be greeted by a piece of software that no longer reads the data that was perfectly legible until yesterday because of an upgrade (I had a CAD system like that). Regressing back to the previous version and you’ll find that it tells you the data is also no longer legible by that version because the newer one has touched it. Restore from backup and get caught in an automatic update war that you can only stop by telling your computer that the automatic update host does not exist any more. It shouldn’t take that level of sophistication to keep a system running reliably, especially not when your livelihood depends on it.

…The list of these transgressions is endless, and software vendors the world over still don’t seem to get it. If updating software is so easy, why are users so reluctant to do it? That’s because all you software vendors collectively royally messed it up. You’ve burned your users trust on so many occasions, not thinking from their perspective but from your own almost exclusively leading to people locking down their systems and foregoing critical security updates because they are scared that they will end up with a lot of extra work or a much worse situation if they let you have your way.

should always keep the user centric
should be incremental and security or bug fixes only
should never update a user interface without allowing the previous one to be used as the default
should never be used to install telemetry or spyware or to re-enable it if it was previously switched off
should never be used to install other software packages without the users explicit consent and knowledge
should never change the format of data already stored on the system
should never cause a system to become unusable or unstable
must allow a revert to the previous situation
must be disablable, in an easy and consistent manner for instance on mobile devices
should never cause the system to become inaccessible or restarted without user consent
should always be signed by the vendor to ensure that the update mechanism does not become a malware vector
should never cause commercial messages or other fluff to be included
should never cause configuration details to be lost
should always be backwards compatible with previous plug-ins or other third party add ons