Automatic app updates out, this method in.

Automatic app updates are a bad idea. Apple should recognize this by now. In case you, dear reader, aren’t convinced of that, here are some simple reasons why automatic app updates are just no good –

  1. Software is buggy – how many times have you heard that “we shouldn’t get the dot zero version of that software”? It’s almost a maxim in the enterprise world – unless you deeply trust it to not break your current setup, don’t get that update. So why should we be so cavalier about software updates for our personal devices? We shouldn’t let developers decide the de facto time when we get an update.
  2. It’s a vehicle for disruption – and not the good kind. App updates are great if they’re well thought out, streamlined, and work. But more often than not, they introduce changes which wouldn’t sit well with you and your workflow. How many of us regret updating to some version of iOS that slowed down our devices to hell and there was no recourse? Why do we trust third party developers more than we trust Apple in this instance? If I don’t know exactly what is going to change in the update, why should I update it? Which leads me to the next point…
  3. Automatic app updates are evil – Yes, they’re evil. How many times has Facebook slipped in something nasty and you didn’t even know it till you got the update? There are two types of nasty Facebook has slipped into your devices over time – the first is when they change the user agreement. So often, we would go to the website and Facebook would make us check a box and hit Accept before letting us burst out our Likes and jealousy. We’ve all brushed past those to chat with our friends. The same applies to app updates. You open the app to answer the call of a notification and an annoying pop up tells you to just say YES before you can do what you came here to do. What option do you have other than to stab that yes button? The second nasty is the more insidious version – Facebook has been able to slip in all kinds of dirty code, tracking features, and nasty experiments into our apps simply by adopting frameworks that let them remotely update our apps, and by using vague release notes that just said “making some improvements”, even when they were shipping major changes to your Facebook and Instagram experiences. This must stop, and the easiest way to make them stop (even though we’re too far gone now thanks to their remote app update frameworks), is to stop automatic app updates.
  4. It’s bad for security – This goes against everything you’ve ever heard. “Automatically updating software is great! It keeps things secure!” Until, it doesn’t. Software is eating up our life and yet, pretty much all of us are rather careless about the security of our apps and services. For most technophobes, automatic app updates are both a boon, and an excuse to hide behind. “Hey, I keep my apps updated, but I still got hacked!” Well, did you consider 2FA? Did you try to understand whether you’re using insecure communication over insecure networks? Did your app have the requisite features to protect your privacy, like data encryption? Are you using the same password for fifty services? We would all be more knowledgeable about all those questions if we bothered to understand what goes on in the making of our apps, the design decisions taken by the devs, and the shortcuts they take to ship sooner. Which leads to the next point –
  5. It’s a surprise! – it feels great to open an app the first time in the day and notice that something has changed overnight, but more than once, I’ve been bitten by apps that changed their business models, removed features, and made decisions that affect me, without so much as bothering to explain that a change is coming. This attitude is a right that a developer feels about a piece of code that they’ve written, but it’s a piece of code that I licensed from them and is running on my machine. They should not be able to decide how that code changes for me. By removing automatic updates, we’re forcing developers to explain why we should be getting this new update, rather than letting them get away with “we removed bugs!” or the boilerplate crap big tech companies throw at us.

Until things change and developers become better documentation writers, and tech companies stop lying about the code they’re sneaking into our machines, I have one suggestion –

Don’t do automatic app updates. Do expiration-based ones instead.

Right now, automatic app updates are an all or nothing deal. You either trust Apple and third party devs completely, or your don’t. I fall in the latter category and I couldn’t be happier! I know that I’m gonna get exactly what I paid for an app (especially if it’s free), and it’s going to work exactly as I expect it to for a long time to come.

Well, almost. Apps often have massive API changes, or security updates that are absolutely essential. The only way for devs to push those through is to expire the version of app currently installed on your devices, and force you to update (when you open the app the next time, at the crucial moment when you actually need the app). I’ve seen a lot of important updates like this, like when my banks update their APIs, or my insurance firm tells me to get the update else I won’t get continued service, or my grocer decides that I can’t get to my weekly ‘one dollar off’ coupons until I get the latest and greatest app update they’ve pushed out.

OK, that last one is silly. Apps like my grocer and my insurance app should always work. If I’m in front of a cop who’s asking for my insurance info, it would suck if I have to tell her that I have to update my darn app before I can show it to her. Also, why the heck does my grocer need to update the app once a month? Haven’t they heard of APIs?

Situations like those cause me to propose the solution I’m presenting, though, it’s obvious that it should be taken with a pinch of salt, since it’s not the perfect solution.

Here’s what we should do –

Apps shouldn’t get auto-updated. Instead, this should be a deliberate process. We need to be able to approve everything that goes into our devices. Yet, some apps are essentials, and though I don’t open my insurance app every day, when I open it, I expect it to work instead of showing me a banner to update the app before I can continue. So those essential apps should have two options – either I let them auto update completely, or I let them update only when the app is marked as ‘expired’ by the developer. The benefit of the latter approach is that devs should have a legitimate reason, such as changing their API drastically, that should drive app updates. Does this put more strain on Apple’s app approval process? Yes. Let’s make them earn that 30% they take from the devs, and the hundreds of dollars of Apple tax they collect from us.

I’m not interested in the smaller updates. I’m interested in keeping my apps available when I need them. So if I can skip the small ones and only get the big, breaking news updates, I’ll be a happy camper.

But this may not suit everyone. Some people don’t care about how and what changes are coming to their devices, but that’s what got us into this mess before with Apple and the battery issue which Apple effectively cheated and lied to us about, and Facebook and every privacy scandal they’ve been able to walk away from.

I believe that if you want to remain that kind of person, you have the full right. So I would love to see all of these options incorporated into the next iOS, or the one after that. The future is customization and personalized feature sets for everyone. It’s more expensive due to that, but that’s just where we’re headed. Hopefully, we’ll get to enjoy some good software on the way.

A couple of things about the iPadOS.

To me, this is the most exciting consumer announcement at WWDC today.

Everything, from better copy/paste (that terrible tap UI be damned), to the new Apple ID based app sign-in (it’s been a long time coming), to the fact that you see footnotes on the iPadOS page for the first time at about 70% down the page (when they mention speed improvements, which are already a sore spot for Apple), tells me that Apple has finally accepted that the iPad is not just a ‘bigger iOS device’ but a thing in itself.

Some of the ideas they’re throwing at us are reminiscent of OS X jiggery-pokery (like Today widgets, and App Expose and app spaces), while others, like Apple Arcade (gaming subscription service; akin to Amazon FreeTime Unlimited) seem like good improvements that Apple needs to keep their services business growing.

Apple’s long road to merging Mac and iPad app development is on the cusp of breaking out, and their continuity and handoff features are getting better and better.

The best part was the range of iPads that this new OS supports, which is a good job, well done, Apple.

I realized recently, that we use our iPads horizontally almost exclusively, and Apple should ideally twist the Apple logo in the back by ninety degrees. Perhaps this software change is the first step to embracing this new mentality.

Security vs Usability

I’ve come to a point where I do **not** update apps, plugins, software in general. I know that’s a regressive approach to safety, but safety can’t keep trumping usability all the time.

Source: My comment on Stephen’s Notebook

 

Every few days, I have a conversation about security vs usability somewhere. With my iPad Mini, I blindly trusted Apple to do the right thing and they’ve screwed me over. It’s a beloved device, destroyed completely by iOS 9.

So I’ve basically given up on this bullshit harp that companies sing of ‘security’ to shove software updates down our throats. Sometimes it’s their stupidity, and sometimes it’s just them being sinister. The new Microsoft is the old Microsoft. The benevolent Apple is an insidious Apple. Don’t get me started on Facebook, twitter, and Google. Gmail is just the latest casualty of our overzealous overlords.

Yes, security is a big problem. Yes, it needs constant vigilance. But just like national defense budgets, one key phrase doesn’t allow organizations to completely railroad people’s expectations, asks, hopes, and in this case, UX.

If you’re concerned that by not updating software, you’re living on the edge, restrict the things you do on that device, while keeping other devices that are completely updated and secured. Use only frequently updated third party browsers instead of the default options. Read up on the latest security scares on the Internet and just be aware of the situations you can get into. But most importantly – back up. Make frequent backups of things you care about. I don’t care if it’s as much as letting iCloud run its course every night, and Google Photos siphoning off your pics. Just do it so that if you brick your device, or get hacked, you’re not set back a hundred years.

99% of security is just keeping your eyes open.

Some Windows tools

I’ve been using Windows as my choice of office OS for a long time. I have a Mac at home, but for office work, Windows seems like the best choice. But not Windows itself. It is the apps that make it my go-to OS and often I find myself looking at OS X and thinking, “well I’m glad I have Windows too!”

Here’s a small list of Windows apps which I use on a daily basis –

  1. Sublime Text 2 – the less said about this, the better. This is the King of code.
  2. WinSCP – you know how you want to find a simple tool to send files to your servers and just can never get the workflow right? Or you want to quickly edit your linux VPS’ .bashrc and hate ssh-ing, then opening the file in vim/nano/emacs/pico/whatevs? This is it. Easy to use and manage. Right-click-Edit to open any editable file in the right editor (mostly Sublime Text for me). Or move files in and out of servers with ease. When I want to look at large log files and can’t be bothered with the CLI, I open them in Sublime Text through WinSCP.
  3. mRemoteNG – I have yet to discover all the awesome features this tool has. Manage your SSH/Telnet/RDP/VNC connections in the same app, organize everything into folders and export the connections as a file in Dropbox for ultimate portability. I recently discovered that if you punch in google.com and connect using HTTP/HTTPS, mRemoteNG fires off its in-built browser for your convenience. Woah!
  4. Rebex Tiny SFTP Server – recently, I got a Windows VM that I needed to send some files to. It was hooked up to the network, but not really setup. I looked for a solution and found rebex through this site. This thing works like a charm! I fired it off and started the default session (username: tester, password: password). The next moment, I had connected to it using WinSCP and was throwing files at it like a pro.
  5. CLink – I’ve only recently added this to my workflow. It makes the Windows command line so much better. The most important thing I needed in there is a persistent history, which Microsoft has till now ignored. CLink does the job and then some!

Notice that I’m talking about a very specific environment here. I’m in the networking-software testing world. But if you’re ever in a fix about what tool to use to edit code on Windows, or fling files between two networked but not truly connected machines, or are looking for a way to SSH into your servers across the world, these are the best tools out there.

I may add tools to this list as I go about discovering what else is out there. But that’s all for now.

License, don’t acquire

Silicon Valley has a bad habit – that of buying outright any company that might prove useful to them and the tech community. When Google bought Waze, Facebook bought Spool and Pinterest bought Icebergs, they all did it to bring to their platforms, users and companies, ideas, technologies and features that they believed would be a good fit with their own setup.

But they did it wrong. Waze is a great app and when it finally disappears (as do all Google acquisitions), it will be a great loss for it’s users. Waze has a unique UI, a dedicated user following and features that are not at all present in Google Maps. While the integration went well, Google Maps is an overloaded app with too many features. Eventually, they’ll simplify and drop a few features, getting rid of many core things that Waze is known for. In no circumstance will Waze ever recover from this setback.

Continue reading

The Decreasing Value of Physical Goods

Today, most of us are spending so much time online and on our smart devices that I feel that the value of physical items in our lives has decreased a lot. A few days ago, a friend took me to a store in the 29th street mall. It was a toy store that opened just for the holidays and on that day, everything in the store was 50% off. Needless to say, most of the store was empty, toys and funny calendars having been bought by people taking advantage of the sale. I bought a nice glass chess set on the cheap and then had a chat with the store owner. Apparently, this was a seasonal store that was closing today. She told me that about eleven hundred such stores open across the country during the holiday season and this one was closing that day. Everything that was left today was going back to the factories. I looked around the store for a while. Most of the good stuff that I’d seen in the shop a few days ago was already gone, but a lot of really interesting games and toys were still there.

Continue reading

A New Age of Windows Apps

Windows, for it’s spread across the world and it’s presence on every other computer you see, has for the past few years, suffered from a terrible lack of apps and widgets. While the rest of the world grew sudden mobile roots, Windows remained largely grounded on laptops and desktops. This meant that the apps that were making waves in the iOS and Android world were ported to OS X and Linux, but Windows was largely ignored.

With the coming of Google Chrome, making small widgets and apps became fairly easy. It was now not a matter of learning a complex platform dependent language like C# or a platform independent but newer languages like Ruby or Python. It was all about HTML, JavaScript and some CSS thrown together. Google Chrome handled the rest. Continue reading