Do you believe that autoupdates pose a security risk
quintessence
June 1st, 2002, 05:46 PM
Given the Altnet example, there is concern that auto-updates pose a risk to people. I believe that auto updates could pose a threat to users' privacy and their computers. I think that, as in the SonicBlue case, a company might be ordered to track its users, and auto updates might be used to covertly install tracking software onto users' computers.
I just felt like posting this poll to gather what people think about these risks. BTW, this is my first time using the poll tool.
1 there is absolutely no risk
2 there is little risk, but sophisticated users can avoid it entirely
3 there is a moderate risk, but it is acceptable
4 there is severe risk, users must be very cautious
5 there is entirely too much risk.
Sephiroth
June 1st, 2002, 07:20 PM
Does it pose the possibility of being a threat to users? Yes, only if it's abused. To abuse something like that would be suicide, so I wouldn't worry.
Otherwise, not having updated software is in many cases an even bigger threat, which some computer users don't realize, and they don't bother to update and get the latest security or bug fixes, either because they have some excuse not to or they are just lazy. In that case auto-update is valuable.
I doubt that the group of computer users that I described care all that much about other issues like privacy if they don't care enough to keep their software up to date.
quintessence
June 1st, 2002, 11:27 PM
I realize the risks of not updating as well, but I am assuming that users keep track of their software and update fairly regularly. I am not trying to compare risks vs. benefits of auto updates (convenience, won't have to remember, etc.). My question focuses on the risk of abuse, and what could happen as a consequence of this abuse. Also, what is the risk of p2p networks, or malicious users, doing this and users not knowing? I will just give some hypothetical situations:
Something like this (http://www.newsbytes.com/news/02/176367.html) happens in the p2p world
A malicious user creates a virus disguised as an update, infecting millions of computers
Some p2p companies make a deal to install content enforcers (i.e. all "Celine Dion" files are deleted off a user's computer)
What I am trying to ask is: how plausible and/or possible are the situations above, and how concerned should the p2p community be?
By no means am I saying that auto updating has no benefit, but what do you think the potential level of RISK is?
Sephiroth
June 2nd, 2002, 08:19 AM
Hypothetically we could be talking about "what-ifs" 'til the end of time.
What you mentioned in the link isn't new to file sharing or P2P, and on the internet it does not require any client-side program. Programs or 3rd parties have been datamining and monitoring the various P2P networks for a very long time. Napster datamined, and trade groups like the RIAA/MPAA hire people to monitor networks, which isn't anything new, as that has been happening since Napster also.
If the program digitally signs its program and takes other steps to secure the update process, then it's impossible for a malicious user to do something like that without physically having to break into that program's office.
If you knew that a P2P program installed an "enforcer" program, then would you continue to use either program? Also, something like that I think is too risky, because it couldn't tell if that person has the right to have those files because they own the CD, and it could accidentally delete files it shouldn't have.
quintessence
June 2nd, 2002, 01:02 PM
If you knew that a P2P program installed an "enforcer" program, then would you continue to use either program? Also, something like that I think is too risky, because it couldn't tell if that person has the right to have those files because they own the CD, and it could accidentally delete files it shouldn't have.
So, you think there is some risk, but it is avoidable and/or unlikely to happen?
Sephiroth
June 4th, 2002, 04:11 PM
Is it possible? Yes. What that kind of gets into is DRM schemes etc., some of which are already in some programs like the subscription ones. Sure, people are at risk, but once news is spread about some enforcer program then it won't be that effective. Because of the risks of doing something like deleting data off users' computers, I think that probably won't happen, and instead things like automatically sending e-mails to ISPs of "offenders" etc. are more likely.
Tzaddi28thPath
July 20th, 2002, 02:55 PM
wow... you're making me more paranoid heh! :bk my auto update is OFF just in case, cos I already ran my Ad-Aware n found some of the eZula stuff...
Crazy Horse
July 20th, 2002, 04:22 PM
I like what you say, Seph - if people are smart enough to update and know what they are doing, there isn't much problem doing it. I might add that there are updates you should research very carefully, like Windows Media Player. They are adding DRM to version 9, I think, and in this case you would be better off sticking with an older version.
cpugeniusmv
July 20th, 2002, 07:51 PM
Auto update is okay... as long as you always know exactly what you are getting every time.