Windows 10 especially has a nasty streak with updates, and while security updates are smart, forcing new content updates, advertisements, and spyware into the Tuesday fast track teaches users that the only way to be safe from Microsoft is to not take software from them automatically.

"Do you want to upgrade to Windows 10? Press the hidden button to cancel, otherwise upgrade commences." This is how malware works.... But published and pushed by MS's own channels. And his jab at people who say that turning off WU is similar to anti-vaxxers is completely inane and false - we know the damage Microsoft has done to user's computers.

In reality, I'd rather they upgrade to Linux. Those machines wouldn't get bit by this, unless you run the executable with WINE. But I blame MS for being spammy and spyware-y and malware-y, which encouraged users to turn off harassing and onerous updates.

Because many people can't fix it when that happens.

So they'll either infect their PC looking for a solution, or be told what they need, and how to do it.

By the way, updates are also linked to the Windows Store.

- it would not potentially brick their computer

- it would not install all kinds of spyware

- it would be a net benefit to the user

- it would not be used to further MS's business goals at the expense of the users

Telling people not to turn of Windows Update is putting the horse behind the cart: Tell Microsoft to start respecting their users, then tell people to turn on Windows update.

Fat chance of that happening though.

Most people don't know/care about Windows Update pushing features.

However most people DO care when their computers spontaneously reboot themselves with no warning (sometimes even in the middle of "active hours"!) which is what msft has set by default (and indeed has/had no UI to modify in some versions of Win10)

I disabled it a long time ago and haven't looked back. Get back to me when MS starts remembering their customers are human beings again.

Blaming the users is nice and easy, but Microsoft definitely deserves half of the blame (if not more).

I'm fully aware that there are countless ways to stop windows from updating. MS never attempted to make it super hard just hard enough so most of the people who absolutely should not turn it off are also unable to do so.

1. low risk of catching random malware (which so far is zero)

2. 100% chance of getting microsoft nagware

So yes, actually I consciously disabled windows update, because of the two, "get windows 10" is more annoying.

This is on my gaming PC though, so in the worst case I'll simply restore it from image and re-download games from Steam. So as I said, generally I do agree ;)

In fact, there's a "run security updates only" option, which Microsoft provides, but which they deliberately and blatantly violated, by pushing their non-security updates through.

If Microsoft wants to stop this happening, then they need to provide a "security updates only" option, THAT ACTUALLY ONLY PROVIDES SECURITY UPDATES. This is not a hard concept.

"Turn off Windows Update" is indeed a suboptimal choice, like you say - what you should ACTUALLY be recommending to users, is to ditch Windows entirely if at all possible, and switch to an OS that is both secure and doesn't ship antifeatures.

I disagree. Would an average user, the kind of person who is going to trust updates from Microsoft and leave them on by default and therefore wind up installing in this case in the first place, necessarily realise the significance of one extra confirmation dialog? People are notoriously blind to such messages, so I'd want to see exactly what that extra human intervention involved before making any judgement here.

If you adopted the policy of only installing security updates, which plenty of people did after GWX if not before, you didn't get that other junk anyway.

The way Microsoft have actively made it more difficult to install only security updates on older versions of Windows recently is yet another reason not to trust them with updates you can't control at all on newer versions. They brought this mistrust upon themselves by abusing their position deliberately and repeatedly, so I don't think anyone can blame the sceptics.

The really sad thing is the number of people, even here on HN where you'd expect to find relatively well-informed discussion, who completely miss the distinction between security updates and updates more generally when debating this issue. I mean, we are literally talking about an organisation that pushed out an entire new operating system via the update process, and they deliberately did so in such a way that many people now have that new OS and didn't necessarily want it or actively did not want it.

The default attitude of most people I've interacted with regarding technology is apathy. If it works, they're happy and they leave it alone.

Do you really think that a significant number of non-tech people would have gone to the trouble of looking up how to turn off updates to their facebook/email/google machine if Microsoft hadn't caused a massive shitstorm with their forced update BS?

The vendor is entirely at fault for making stupid short-sighted decisions that caused users to lose trust in the update process. No amount of handwaving can change that fact.

We spent the entirety of the late-90s/early 2000s complaining that MS didn't force updates on users, so these massive worms were infecting half the internet with exploits that were patched YEARS earlier.

It took moving a mountain to get MS to enforce patching of consumer systems, to sit here now and claim that's malware is both irresponsible and ridiculously short-sighted. Without mandatory patching, I can say without exaggeration that the entire internet would be less safe. Anyone spewing that nonsense is either too young to remember how horrible things were, or too stubborn to acknowledge it was the right thing to do whether they personally agree with it or not.