Hi, I am usually on a limited plan internet and having software updating without my consent is no fun to say the least. I understand that most people don’t even know what does a browser update mean, but I assume that a lot of tech savvies are using Brave and would appreciate having the option to disable auto-update since releasing an update every week or two can add up. We’re not asking for a lot here I think, so please.
By the way, I am using Brave on Mac.
After almost two weeks without me getting any response, I totally understand why this guy is so pissed
Those who want to use Brave for actual app and dev work instead of just posting cat pictures on facebook are out of luck. Controlled updates are a must for serious usage, something that Brave completely ignores to cater to the normies. They broke all of our apps today with the lovely 1.10.93 udpate, and just lost a bunch of users. We aren’t going back after this. Congrats guys!
For me, Brave automatically checks for a new version, but never downloads it automatically. Instead, I get a polite popup reading, “A new version fo Brave Browser is available! … Would you like to download it now?” with a link to the release notes as well as buttons to “Install Update”, “Remind Me Later”, or “Skip This Version”.
What wizardry have I performed for this option? I simply don’t log in to my computer as an admin user.
MacOS handles this beautifully; when software I’m running needs admin privileges (for instance, after choosing “Install Update” above), I get a prompt from the operating system for a username and password with admin privileges. This is a small price to pay for the added control and safety I get in return.
I highly recommend it!
NB this behavior could change in future versions of Brave; I see that in issue 9562 – https://github.com/brave/brave-browser/issues/9562 – this behavior is being treated as a bug. That is the Google Chrome team’s attitude as well; in Chrome, there is no user-accessible way to turn off autoupdates. The primary motivation is security: to keep browsers secure, you have to feed them autoupdate bandwidth. It’s not about belittling or patronizing users; it’s about shrinking the practical attack window for a given exploit as much as possible, so that exploits can’t scale as well, so they become less valuable. Autoupdates make us collectively better off.
I’m glad it’s being treated as a bug, but here it is the 27th and it’s still doing it.
Reducing the attack surface works just as well by checking for updates the next time you launch it. I launch Firefox and get a prompt, ‘Would you like to update?’ I let nothing update when I am not a direct part of it; over so many years we have learned that auto-updaters are a great target for malware.
Having my firewall popup while I’m in an online tournament is not exactly welcome - nor is any bandwidth being used for other purposes when latency is of utmost importance.
We all know Google too well - updaters that came bundled surreptitiously with other software, severe malware that gets past their scanners on the Play Store (now some that have nearly no hope of being removed from phones)… my point is, computers are fallible from 1. bad decisions made from faulty interpretations, 2. just plain bad behavior (nose-thumbing at privacy and ownership laws), and 3. laziness.