OS Auto-updates - Risks vs. Rewards
This www.rebol.net server went down for several hours yesterday. Upon examining the logs, it appears that the last major activity on the server was an OS auto-update. The same thing happened last week on the our mail.rebol.net server.
I must openly admit that I'm not in favor of auto-updates. Yes, I realize that the constant update approach is the current mindset for the computing industry. The primary assumption is: software is always broken, so it needs constant updating.
There is some truth to that, but you cannot apply it over all systems. In fact, over the years, I've found the opposite to be true.
The pattern first came to my attention in 1979 while at Hewlett Packard. We had these huge and sophisticated copy machines. You could copy an entire manual with the push of a button. They were normally very reliable, but every month the copiers would go down. I began to see the pattern. They failed just after "preventative maintenance" was done.
I've found the same to be true about my cars. The more I take them down for maintenance, the more problems they develop. What I began to realize was that often the people who perform the maintenance work are not as careful as those who built the product in the first place. At the factory, every part is installed to a precise specification. This lowers repair costs during the warranty period (when the manufacturer must pay for the repair). But, the local repair shop cares a lot less about factory specs. It's all about making money.
And there's the point, isn't it? If our servers are always auto-updating, then they can never be truly stable, can they? (Well, at least not according to my definition of the word.) They will continue to have "little problems" that require a support staff, that must answer questions, that must make fixes, and make money from the process. This has become a cornerstone of our modern society. (Need proof? Just look at how many people are employed worldwide to fix problems with Microsoft software.)
On the other hand, I have several in-house servers that are running old OS releases from years ago. These systems are my workhorses. They are so stable and reliable (and simple to operate) that I keep track of their installation CD-ROMs... so that when their hard disks finally wear out, I can reinstall the same old reliable server OS.
Now, I know what you are thinking: One of the main reasons for OS updates is to repair security problems. Right?
Yes, that is true, and for some operating systems like Windows XP those patches are critical to prevent your computer from being totally hijacked while simply browsing the web. And, as such systems have become more complex with patches on patches, they introduce even more security problems, so we are in a never-ending spiral.
But professional operating systems, unlike XP, don't have as many of those same issues. Their fundamental design is more secure from the start. Such systems do not require constant updating to keep them secure. In fact, the more you update a stable, reliable system, the more prone to failure (security and new problems) they can become. In addition, those security patches are most often for newly developed parts of the system or rarely (if ever) used applications and modules.
So, you have to weigh the advantages and disadvantages against your specific operating situation. In the end, if you find your system going down more from OS updates, you need to seriously question the necessity of such changes.
I can tell you this: the server systems that we never update, run for years without reboot. And, that's stable enough for my purposes.