Apple, Microsoft to leap on app auto-update bandwagon
Fall updates to iOS, OS X and Windows will automate app patching, another step in removing responsibilities from users
Computerworld - By this fall, Apple and Microsoft will have followed in the footsteps of Google to automatically update apps on their mobile and desktop platforms, another step in the trend to take security out of users' hands.
"This is one of the best things we've seen in security in the last decade," argued Andrew Storms, senior director of development and operations at San Francisco-based CloudPassage. "Historically, we've always relied on the end user to update, and praying that they do so. Auto-updating means that the moment [a new version] is released, the majority has the most secure code available installed."
Google's Android and Chrome OS -- the latter based on the Chrome browser -- automatically update installed apps, silently and in the background, without bothering the user.
Both Apple and Microsoft will mimic Google later this year, when the former ships OS X Mavericks for the Mac and iOS 7 for the iPhone and iPad. Microsoft, too, has committed to app auto-updates, a feature that will debut in Windows 8.1 this fall.
On Windows and OS X, the new approach to app updating applies to just parts of their software ecosystems.
Only Windows Store apps -- those the company calls "Modern" but which many still dub "Metro" -- will auto-update. Older, traditional Windows apps, those that run on the old-school desktop -- will not.
OS X Mavericks is in the same boat: Only apps downloaded and installed through the Mac App Store will update hands-off. Software acquired through other channels -- downloads direct from the developer, for example -- will remain the user's responsibility.
Although legacy applications on Windows and OS X are out of the auto-update loop for now, many applications offer their own auto-updates. And third-party patch managers for enterprises and consumers -- an example of the latter for Windows is Secunia's Personal Software Inspector (PSI) -- are available to fill the gaps.
"The question becomes, how much more can be automated?" said Morten Stengaard, the CTO of Secunia. "Frankly, the more automation the better, because we cannot keep up with all the patches available."
This fall's roll-out of app auto-updating on Windows, OS X and iOS 7 is only the latest in a continuum of similar moves over the years to remove the weak link -- the user -- from the equation, Storms noted.
"What we're seeing is the operating system [makers] putting a stake in the ground, that moving forward, this is the best way to go," said Storms.
Operating systems like Android, Chrome OS, iOS, OS X and Windows have long offered either partial (as in the case of iOS and OS X) or complete (Android, Chrome OS, Windows) auto-updates to provide patches; the Chrome and Firefox browsers have gone to fully-silent updates; Microsoft has enforced auto-upgrades to its Internet Explorer (IE) browser; and the most popular plug-ins and add-ons, such as Adobe's Flash and Oracle's Java, have shifted to a more hands-free model.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts