Why Don’t People Update Software?

I, for one, welcome our new robot overlords.This question applies to personal software more so than IT-supported software.

I understand the complexities involved with taking updates to software that IT is on the hook to support. What I don’t get is why people aren’t more vigilant with their own software, specifically browsers and O/S.

Over the years, updates have become more in-your-face, with good reason. They’re usually bug fixes that you should take to prevent bad things from happening to you on the interwebs. Bugs happen, and you’d think the pop-up message, system tray notifier, or bouncing update icon would be enough to get people to pay attention.

Not so much.

For example, I routinely perform updates on my wife’s computers. I asked her one how she managed to ignore the Mac’s Software Update bouncing icon. That thing drives me nuts, so I’m happy to address it, which usually means taking the update.  The only times I wait on an update are when it requires a reboot or when I’ve read people are seeing issues with them, typically this applies to OS X patches.

In the latter case, I’ve learned the hard way.

Reboots are a pain when you’re cranking out work, so I doubt I’m alone in that practice. But, I always make a mental note to go back and install the update.

Why? I guess working in development for a decade helps you understand that updates are generally a good thing.

IT gets this too. We get monthly reminders to take the Windows patches for XP, which is a required step for everyone runing Windows. It just makes sense to patch because the risk of running a vulnerable system can be high. Obviously, this is what botnet masters rely on to build their networks of zombie machines, and they’re still quite successful, even though the software makers do everything they can to scare and annoy people into staying current.

Thinking about this, I wonder if updating is a function of use, i.e. infrequent use leads to a backlog of patches. I suppose if I only used a computer a couple times a week or even once a day, I might not be in a hurry to download large patches and wait for a reboot. That would reduce the utility of my computer time.

Maybe the process is intimidating to people, or maybe they don’t trust updates. Like my wife, maybe they’re just good at ignoring the update notifications; she probably thinks I’ll do it eventually. Plus, being married to me, I’m sure she’s a pro at ignoring noise 🙂

I can’t really come up with the reasoning. Can you help?

So, maybe silent updates are the solution. Research by the Swiss Federal Institute of Technology (ETH Zurich) and Google Switzerland found that within three weeks of the release of Chrome version, 97% of users were using it.

The full study, “Why Silent Updates Boost Security” has some pretty interesting information. It could be a bit skewed; after all, Google participated, and Chrome came out on top. Plus, the Chrome accounts for less than 10% of the overall browser market. Still, the silent update that cannot be disabled seems to have legs as a good way to keep people safe, assuming your patch is solid without regressions and without breaking dependencies.

As we all know, that’s sometime a tenuous assumption.

And, Firefox and Chrome still represent a pretty highly skilled user-base.

Beyond the factors that could influence the numbers, the method for signalling updates could matter. IE and Safari updates are delivered in the same fashion as O/S and other software updates, which probably contributes to a lower percent of uptake.

I like the way Chrome does updates. In fact, I didn’t think it had an update function until I stumbled on it by accident, hidden away in the About Chrome dialog. This seems like the best way, at least right now, to force users to stay updated. I’m surprised Apple hasn’t gone this route for at least Safari; it applies to the 80/20 rule of users. The 20% are vocal because they want total control, but the other 80% are blissfully unaware and safe.

What do you think about all this? Why do people skip or ignore updates? Do you? Why? Is the silent update the best way?

Find the comments.




  1. Good question. As someone following (at least passively) the development of apps and OSes, I'm usually eager to get my hands on new updates, even if just to try any new features and enhancements. I may postpone applying OS patches for the reasons you described (issues with other users & reboots), but usually trying to keep everything as up-to-date as possible. Also with other people's computers (guilty of applying security updates on friends' computers without their consent – so sue me).

    I think there's a common confusion among the great unwashed masses about what updates actually do. If you have witnessed just one unsuccessful update that borked your box, you are less likely to apply updates in the future, even if a dozen notifications tell you to do so. If you haven't had that experience, there's always the old proverb, “if it doesn't *feel* or *seem* or *smell* broken, don't even dare to try to fix it” – most people are happy with the status quo and are afraid to try any tinkering that might interrupt their day-to-day business. Updates are seen as either something that could potentially break things, or as something that doesn't really affect you as nothing is broken.

  2. I always take any virus, system, security or tech updates updates – unless it's anything remotely associated with seaking a new version of Internet Explorer onboard. I just love doing Ubuntu upgrades, but have to say what seems like the constant pushing of iTunes updates is a big pain in the arse, and the Firefox updates are becoming an irritant (it's gotten slower, and annoying especially if you have a bunch of plugins and applets that become incompatible with each rev).

    To answer your question, NOT doing upgrades is probably a function of the user's experience and frequency of use. You'll probably find the same users dont have virus protection and have downloaded daft files left, right, and certain. They just don't think they need it.

  3. If it were only my computer, I'd have no problem installing updates, at least from the reputable companies. As it is, I install OS updates religiously, even the ones that affect the Hungarian implementation of Visual Basic. And I'll install application updates for applications that only I use.

    But what about updates that make major changes to the look and feel of an application? For some users, the need to re-learn everything is of greater concern than any functionality or security increases an update may provide.

  4. Good point about the “if it ain't broke” mentality. Funny that in this case, it's the opposite. How can these people get an education?

  5. Re. Firefox, you probably have too many add-ons 🙂 I culled mine years ago and have only kept a few select ones since then. There is a way to force add-ons to work in new versions, but your mileage will vary, wildly, depending on the add-on.

    I like “they just don't think they need it”. Totally true, and right in line w/Joonas' point about “if it ain't broke”.

    Viva la silent update. It would help nuke all the IE6 installs too.

  6. You have your own computer, don't you?

    Changes to UI and major feature updates are usually pushed as new versions. So, I guess I should differentiate between updates (bug fixes, minor tweaks) and new versions. Frankly, not that many companies give away new versions, and even if they do, you aren't forced to take them.

    For example, FF2 is still out there, even though it no longer gets updates. Mozilla asks politely that you go to FF3, but you're not forced to do so. They'll do the same thing with FF3-3.5. In that case, they make it clear that a) the old version isn't getting any love anymore and b) the newer version is better.

    That's fine for new versions, absolutely not fine for updates.

  7. I'm with you on the “Eh, I don't want to reboot right now” thing. For me, that often extends to not wanting to disrupt my workflow by restarting my browser. Otherwise, I'm a fairly religious about keeping up-to-date, particularly when the software acts as an enabler. Funny thing is, I didn't really get that way until I started using a Mac. When I ran Linux and Windows desktops, I was more concerned about introducing something that would break my working environment, so unless it was broken (or a security update to IE, when I had to go there), I didn't fix it. In other words: what Joonas said.

    Not meant as raving fanboi™ Apple boosterism, just an observation about my behavior.

  8. Ah yes, I forgot to mention that Chrome does a silent install and applies the update w/o a browser restart (I think). Pretty slick.

    Re. O/S updates, I shared that fear with Windows, always using the expert/advanced setting to review the update manifest. I used to take all the Ubuntu updates, but now, after all the kernel panic issues I had, I'm a lot more selective. Same w/Mac before that O/S update nuked my machine for a couple hours.

    What about your parents and other non-technical relatives and friends? Do you think they're scared of upsetting the karma by installing updates?

  9. What I hate is having programs trying to run something at OS startup to check for updates when all I want to do is check email and not even run that program. But I also hate having programs trying to check for updates when I want that program to start up too. And I hate the thought of leaving my PC on full power overnight to get updates when I'm asleep.
    So I guess I want a single process that magically fires up when I go for a coffee. Ubuntu seems fine. The Update Manager kicks in a couple of minutes after boot up and does everything in the background.

  10. Couple reasons why I ignore updates — biggest one is the reboot. Esp. on the mac that is playing my music in the house, I don't want to stop that to run the update (and yes I ignore the bouncing icon for a very long time too, maybe it's a girl thing and it's related to noticing the trash can is full?). In the case of applications like TweetDeck there is also a trust issue as a few of their updates have hosed me up.

  11. When, oh when, will Chrome for Mac be ready for mere mortals like me? *sigh*

    I avoid asking parents and non-tech relatives too much about updates, lest I be asked to help. 😉

    Actually, I know my parents update their antivirus software, because it prompts them. I'm pretty sure, however, that they let Windows Update slide, for fear of upsetting the house of cards.

  12. I'm happily running Chrome and Chromium on both my Mac and Ubuntu machines. They're pretty fully baked now, minus Flash support. I'd say Chromium is a bit closer, but either way, you can't go wrong.

    Ah yes, I remember anti-virus 🙂

  13. Mac runs in the background on a schedule too, but you then get the bouncing icon if there's something new. I do like that in Jaunty the Update Manager is completely hidden, no more icon in the top panel. Although it's more of a chore now, remembering to look for it. I've been finding it open in the background in one of my workspaces, waiting.

    There's probably an idea there, the uber-updater that scans all your installed software for updates and classifies them as critical, requiring reboot of the O/S, or of the application. Would be nearly impossible to pull off though.

  14. You're getting at a utility thing there. I don't find TweetDeck to be critical, since I can go to Tweetie or web, if I need to watch Twitter.

    O/S updates are different. /me shakes finger.

  15. I guess these guys fall into the category of people who never do backups.

    It's like cleaning your teeth. People learn when they lose something…:)

  16. Just to be clear, I am with you on updates, I always update when its my mac. For many updates are a no-no for windows because of the 'Vista Effect', upgrades are not always better.

  17. I remember hearing that about Vista, never used it. That can't help the overall problem, having major problems with the important updates.

  18. So, as I mentioned, I get why businesses can't always take updates, but person users should. Chrome installs and applies w/o a reboot, so that approach would have saved your uploads. O/S updates fall closer to the business use case, but there's still room for improvement there.

    Maybe a message if your network connection is active?

    I did notice the Chrome logo's likeness to Simon, but I don't know if I included it in my post. I prefer the ominous resemblance to HAL for obvious reasons 🙂

  19. I configured my mother-in-law's machine to auto-update IE & FF. She is “trained” (as is my mother) to never click on anything (that pops up) that she does not understand. And neither my mother nor my mother-in-law understand anything about computers. They both follow a hand-written script for starting the browser or word processor. So, for them the auto-updates make sense.

    For me, I installed Chrome and it suddenly slowed my machine to a crawl while trying to do an update (I was in a place with a very intermittent connection and was only lucky that I happened not to be paying for the connection since I was traveling in India) and I then realized it was not asking me for permission. So, I uninstalled it (I also did not see where they clearly guarantee not to take information off my machine, but maybe they did bury that guarantee somewhere).

    Also, if you are a new Palm Pre user, I heard they were able to synch with iTunes and so Apple did an “update” to disable that. Nice.

  20. I can see that auto-updates would be baffling if your connection suddenly went slow for no apparent reason.

    Maybe the default should be auto-update, Chrome-style, for less-experienced users, and triggered for power users? That might work.

    You weren't surprised that Apple dissed the Pre, were you? That's not going to end well.

  21. Yes, in fact, that's the way I set it up for friends. As for Apple and the Pre… not surprised at all. On the other hand, since other Apps like Media player seem to have no trouble reading the iTunes set up, it should make it easy to synch with a Windows-based machine and I would think it would be easy to create a Mac-based synch. But what do I know?

  22. 3 reasons: updates can produce unpredictable results, deficient is not the same thing as broken, it's inconvenient.

    To update the iPhone for the MMS issue requires #1 that I trust Apple has fixed that and not meddled with other things #2 wait a half hour while it performs the update #3 play the Rubic's cube game of rearranging my icons to the way they were before the update.

    My 2 cents.

  23. Weird, my iPhone O/S upgrades stopped rearranging my icons a long time ago. I just did the 3.0.1 upgrade on Friday, and it did take about 20 minutes. Funny that it actually freed a dozen or so MB of space.

    Your reasons are solid, but I still think auto-applying is the way to go for security vulnerabilities, at least for n00bs. It's funny that two of your three reasons actually are what people are told to see as the hallmarks of viruses.

Leave a Reply

Your email address will not be published. Required fields are marked *