Published by Kaitlin Balasaygun
“That screen-blocking software update notification that keeps coming back may be annoying to a phone user, but ignoring it for too long is a mistake.
Many consumers opt to not have phones set to automatic update. Once the day begins, these notifications can pop up at inconvenient and distracted times — while you’re rushing to make a call or send an email or text — but smartphone software updates are primarily designed for your benefit.
Companies including Apple and Samsung, as well as Alphabet’s Google which makes the Android OS, are constantly working on security and user experience features in annual updates and more periodic updates to fix newly discovered bugs.
Apple’s current operating system iOS 16 launched this past September, and it boasts many new features: the ability to edit and unsend messages; set multiple lock screens and set Focus filters to limit who you receive notifications from; privacy and security updates like Safety Check so victims of domestic or intimate partner violence can reset access that they’ve granted to others; and Lockdown Mode, a method of extreme protection against cyberattacks.
Samsung’s Android 13 One UI 5.0 lets users customize their lock screen, create stickers from any photo and open apps in split screen, along with security updates like warnings when sharing personal information, and a security dashboard in settings to check for and fix security issues.
Not all software updates offer an array of new features, but when they do it can feel like you are getting a new phone without added cost. Yet, many users still do whatever they can to put off the 30 minutes that a software update can take.
Where human procrastination meets technology
It’s a phenomenon that’s been studied by researchers and termed “adoption procrastination.”
Researchers at the University of Tennessee and University of Munich identify this “deliberate delay” as a coping strategy that digital product users implement to counteract the negative emotions that arise when software updates are released. Discomfort often stems from the perception that software updates will require users to relearn how to use certain features on their device and threatens their current habits. Annoyance is a factor, too, and the assumption that current functionality of their phone is optimal, so a software update would only disrupt their devices’ usability.
But there is also more basic human psychology.
“I think some of it is just the nature, ‘I’ll get around to it, when I get around to it,’” said Dr. Richard Forno, University of Maryland Baltimore County’s director of the Cybersecurity Graduate Program and assistant director of the school’s Center for Cybersecurity.
He recommends setting up a phone to automatically download and install the updates overnight when you’re sleeping (as long as Airplane mode is not set). “That’s a feature that a lot of people could and should enable, so they don’t have to worry about it,” Forno said.
Apple, Google update options
Apple allows users to decide whether they want their phone to automatically download and install the newest iOS update, or if they prefer to manually update it. Android users can choose between three local system update policies, including automatic, windowed and postponed updates — all of these policies eventually result in a device automatically updating. The automatic system policy installs as soon as a new update becomes available; the windowed system policy installs updates during a daily maintenance window that the user gets to choose; the postponed option delays installing an update for 30 days. When 30 days have passed, the system then prompts the user to install the system update.
While it’s offered, cybersecurity experts don’t recommend waiting 30 days. “For the normal user, within a few days to a week is likely fine,” said Justin Cappos, associate professor of Computer Science and Engineering at New York University Tandon School of Engineering and a member of New York University’s Center for Cybersecurity. There are certain users who are at a greater risk if they choose to put off or ignore these notifications. “If you are a dissident who is possibly being targeted by a nation-state actor, you should update right away,” he said.
When a major security update comes out, everyone should act relatively fast.
Hackers will target the flaws you don’t update
Big annual OS updates may have the flashier and more reported on new features, but security protection is a major reason why users should download all new software updates available for their phone. Smaller, incremental updates, are released primarily to fix bugs and ensure users greater protection. It’s as simple as knowing that Apple or Samsung, or any other phone maker, is indicating that your current operating system is not the safest anymore, and it is sending that message out into the world. That’s not just good for you, but for hackers looking to exploit users who don’t get the message.
“You’re leaving yourself vulnerable to attacks. Once a vulnerability has been announced and a patch has been released, attackers quickly grab that information and create exploits for those specific vulnerabilities,” said Kathleen Moriarty, chief technology officer at the Center for Internet Security.
Without the latest security patches, every piece of information on your phone is open to attack, from social media accounts to banking information to text messages.
“If you reuse passwords in different places, and they’re able to capture a password that is stored on your phone, they might be able to gain access to other applications,” Moriarty said.”
Read full article on CNBC.