[Bug 158715] Periodically call home to check for need for update due to security vulnerability

[bugzilla-daemon at bugs.documentfoundation.org]

https://bugs.documentfoundation.org/show_bug.cgi?id=158715

--- Comment #21 from Eyal Rozenberg <eyalroz1 at gmx.com> ---
(In reply to Mike Kaganski from comment #20)
> (In reply to Eyal Rozenberg from comment #19)
> 
> Appstore versions are *expected* to be managed by appstores.

When it comes to users' security, we should s/expected to/hoped to/ . IMHO we
need to take some extra precaution beyond the point of what should be somebody
else's responsibility. 

> If users rely
> on that, it's the appstore packahe author's responsibility to mark the next
> update as "urgent", so that appstore updates it ASAP.

And who's to say the app store even supports that? I'm no expert, but on my
Linux distribution, I don't get different notifications for "urgent" package
updates.

> It is *not* expected
> that apps managed by appstores start telling "update is available".

Ok, but I would argue it should be expected that when an app knows it has a
security vulnerability, it tells the user that.

> If a user opts out from an automatic update mechanism of the appstore, they
> know what they are doing.

1. Some app stores may not even have automatic updates. 

2. It is rarely a reasonable assumption that users know what they are doing. Or
perhaps I should say: In a large body of users of varying levels of computer
use literacy, for every action or inaction - many users do not know what they
are doing when engaging in it. Maybe they're clueless, maybe their mouse
slipped, maybe they weren't paying attention, maybe they misread, maybe
somebody else touched their computer and didn't care what they doing etc.

-- 
You are receiving this mail because:
You are on the CC list for the bug.