WordPress proudly announced a few releases ago that minor updates would be done without the consent of any website owner. This is so security updates won’t get omitted.
I disagree. I think updates to anything should be controlled by the owner of that thing, who probably has at least password protection over how it gets updated.
If WordPress can update my blog’s wordpress installation, without my knowledge and without my permission, does that mean that they have a back door into my website? I think it does. I think that’s a bad idea. Anyone can be hacked? If the back door is known?
I don‘t (otherwise) allow automatic updates of anything on any computer in this building. If an update looks odd, I google it. If an update looks potentially risky, I back up first.
WordPress’s decision takes these precautions away from me.
Comments, anyone? Does anyone on WordPress read this blog? That’s the dumb question.
and, don’t (please) tell me to raise a ticket. I did that, and was condescended to. As one-time technology steward for CIBC specialty business, and one-time Central Computer Complex Change Co-ordinator the for Bank of Montreal, I can make some small claim to know what I’m talking about. You cannot guarantee what you cannot control, and you cannot recover what you did not know you needed to back up.
Again, comments, anyone?