first off, I'm using the appimage build for a reason, and expect the old version to remain whenever the update is downloaded.
the app has NO right to breach my PC security and replace the current version with the declined upgrade.
(this is exactly what makes electron a malware tunnel, since it's a public space app framework any hacker can take control of to destroy any target they want)
add to that it's broken anyways #3540
so that's all the more reason I should have to manually download the update, like every other appimage I use.
but most importantly, when I decline the update, that doesn't mean "go through with the update"
I expect to manually download the updated appimage I need from the releases page here.
automating this process is an insecurity.
Thanks for opening the issue and the feedback, we'll take a look. Old versions may not be supported in the future, which is why we force the updates. We'd need to add a decline message for users that don't want to and take the security risk involved.
I understand the old version support issue, and users should expect they use an unsupported version.
the decline is a preferential or security option
heck, I'm even working on a downdater for my program for any updated functionality that isn't well taken to (eg removal of a liked feature)
but also, staying outdated is not exactly a security risk
in fact, looking at the added feature in the update, you've added telemetry/analytics for bug reports, which is a security risk, I think I'll stay safer by not updating this time, as telemetry is not a feature I support.
EDIT:
additional info on the telemetry bit as to what I do support:
if a program crashes and debug data is collected, a user should be presented with a dialog that lets them know it recovered from a crash, with an option to send that crash report to the service.
users should also be shown the details of the crash if they'd prefer to manually submit a report on an issue tracker or so.
the minecraft mod community works like this, and almost nobody has any issues with it
sure the devs usually have to request the logs or such if the noob doesn't supply them, but nobody gets P'd over having to do so...
it's common practice for respecting user rights and freedoms.
anything automated just adds backdoors.
workaround for anyone concerned:
structure your directories like so:
```
./LBRY/                 - main program directory
    lbry.sh
    ./LBRY_version/
        lbry.AppImage
    ./LBRY_0.39.0/
        lbry.AppImage
```
lbry.sh:
```sh
#!/bin/sh
# throw away whatever LBRY left behind (it overwrites this copy on close)
rm -f ./lbry.AppImage
# put the pinned version back in its place
cp ./LBRY_0.39.0/lbry.AppImage ./lbry.AppImage
# launch it sandboxed
firejail --noprofile ./lbry.AppImage
```
I can't seem to prevent the insecurity where ./LBRY/lbry.AppImage is replaced (by LBRY) every close (and yes that IS an insecurity), but at least you can maintain a preferred version.
@tzarebczan surely it's not supposed to be replaced on every close, right?
@Tcll truthfully, we will likely continue to ship software that upgrades rather aggressively as LBRY is changing fast and is not considered stable (hence 0.xx versioning).
However, we do respect your position on privacy and are planning to update the app so that no telemetry data is sent until the user explicitly opts in (rather than opting out).
We appreciate you sharing how users like yourself can achieve your desired experience in the meantime.
@kauffj sorry for the week's delay, but thank you for considering my preference,
and reducing analytics/telemetry?
can I at least have the option to disable aggressive updates, because that's not how appimages are supposed to work.
(it literally only takes 1 revision to break a major feature someone may rely on that can last 30 updates)
sure things CAN work like that, and you guys aren't the only ones doing as such
but there are appimage managers that take care of auto-updating stuff for you if you prefer to have that.
but at the base, appimages are designed to be independent to allow you the option to have multiple versions at your disposal.
if Blender forced updates through appimages, I wouldn't be able to use Blender because the latest version runs at 0.5FPS due to a broken library on Void Linux they won't help me figure out.
but hey, I still use Blender 2.49 for certain specific things when I need to :)
that's the luxury of having multiple versions when the newer versions can't do what you need.
or in the case of what happened recently, may introduce a security risk
(kinda like how WinXPx64 removed ActiveX (added security) and then Win7 introduced something else that allowed html to be run on the desktop (removed security))
this is exactly why I've planned to work on a downdater for my program ;)
@Tcll we are targeting week of 2/17 for changes re: analytics/telemetry. We will be posting some proposals and discussions before then (most likely on /r/privacy on reddit and some other places that criticized/educated us :sweat_smile:).
Re: setting to disable autoupdates I'm all for this but we're really thin on development bandwidth. If you or anyone you know knows JS/React/Redux I'd be happy to bounty it and give you some pointers on it. Otherwise, I simply can't promise a date :/
@Tcll actually I believe you can at least get this disabled for you locally post https://github.com/lbryio/lbry-desktop/pull/3206 by running touch static/upgradeDisabled from install root.
@kauffj thanks for the notice, but I don't use reddit, or twitter, or anything like that for security/bias reasons.
if you have a self-hosted news feed (no 3rd-party CDNs) or email digests or anything like that, I might use those :)
also, I use the AppImage, but I can try creating the /opt/LBRY/resources/static/upgradeDisabled file as noted, and hope it's detected
I run lbry through firejail to hopefully sandbox PC access from hackers, so yeah, fingers crossed ;)
I mean heck, it's bad enough I'm still running a systemd-based distro :P
more info on that: https://nosystemd.org (they don't list the privilege escalation bug that has me highly concerned, but it's bad enough it wraps NetworkManager functionality for whatever reason)
also thanks for the offer, but I got my hands tied already with my own projects
(secure IPC through anonymous non-standard pipes has me held up pretty tightly)
but for some advice, drop electron, and build a better client in C/++ using only a socket server ;)
look up RetroShare and try to match that security :)
(I'm actually trying to surpass it with my program)
now yes, what I'm doing and what RS does are both chat-based
but when you really boil things down, both are P2PE with torrent-like content distribution
meaning the functionality isn't too much different from how lbry functions ;)
(except the content mine stores is planned to be encrypted so tightly it's nearly impossible to hack)
^ yes I can say my claim is valid, after all I've hacked python and invented private attributes for it.
honestly, JS, electron, and everything behind web technologies P's me off as the touted security behind everything is a bunch of lies.
even Comodo can't keep a straight face when they say they have a secure browser (Vivaldi is more secure)
(and no I'm not gonna get started on jokes like Avast/AVG or Defender)
if you guys took the time to become hackers and really pull off some CheatEngine or JS-exploit level hacking to see what info you could pull to target someone with, I wonder just how much you could actually get out of your creation. ;)
btw sorry if I sound a bit harsh on that JS bit, I'm not trying to be
I'm just sick of the BS from everyone and lack a lot of faith...
just take it as the constructive nature it's meant to be ;)
PS: ignore the cringe on that daniweb thread, I'm rebuilding that metaclass in C, so the exploits there shouldn't be an issue once that's out.
EDIT:
well I tried my thing and of course that didn't work :smirk:
I realized I was an idiot and realized what I needed to do:
./static/upgradeDisabled in the working directory (or install root, as I was confused by), i.e. next to the AppImage launched with `firejail --noprofile ./lbry.AppImage`:
```sh
touch static/upgradeDisabled
```
and THAT seems to have worked :)
Thank You! :D
EDIT2:
well that was short lived
seems after that first day of working, everything decided to backpedal and enforce updates again despite the changes...
(meaning yes it breaks itself again to where it won't start after closing #3540)
not sure what's going on there, but yeah I'm back to where I started
glad I never undid anything and still have the version copies
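The version-pinning workaround posted earlier in this thread and the `static/upgradeDisabled` flag from PR #3206 can be combined into one launcher. The script below is an added example, not code from the thread or from the lbry-desktop project: it keeps the posted layout (a pinned copy under `./LBRY_0.39.0/`, a working copy at `./lbry.AppImage`, a `static/` directory next to it) but, instead of blindly copying on every launch, it compares the SHA-256 of the working copy against the pinned copy and only restores it when the self-updater has swapped it out. The paths, the `lbry.sh` filename guard, and the use of `sha256sum`/`shasum` are assumptions; the `firejail --noprofile` launch is taken from the original post.

```sh
#!/bin/sh
# lbry.sh: launch a pinned LBRY AppImage, restoring the pinned copy whenever
# the app's self-updater has replaced the working copy between runs.
# Added example; paths below are assumptions matching the layout in the thread.
set -eu

PINNED="${PINNED:-./LBRY_0.39.0/lbry.AppImage}"   # the version you chose to keep
WORKING="${WORKING:-./lbry.AppImage}"             # the copy LBRY overwrites on close
STATIC_DIR="${STATIC_DIR:-./static}"              # where the upgradeDisabled flag lives

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum elsewhere).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1"
    else
        shasum -a 256 "$1"
    fi | cut -d' ' -f1
}

# restore_pinned PINNED WORKING
# If the working copy is missing or its hash differs from the pinned copy,
# replace it with the pinned copy. Prints "intact" or "restored"; returns 1
# only when the pinned copy itself is missing.
restore_pinned() {
    pinned="$1"; working="$2"
    [ -f "$pinned" ] || { echo "pinned copy $pinned not found" >&2; return 1; }
    if [ -f "$working" ] && [ "$(file_sha256 "$working")" = "$(file_sha256 "$pinned")" ]; then
        echo intact
        return 0
    fi
    rm -f "$working"
    cp "$pinned" "$working"
    chmod u+x "$working"
    echo restored
}

# ensure_upgrade_disabled STATIC_DIR
# Create the static/upgradeDisabled marker referenced in the thread (PR #3206).
# Idempotent; returns 0 when the marker exists afterwards.
ensure_upgrade_disabled() {
    mkdir -p "$1"
    touch "$1/upgradeDisabled"
    [ -f "$1/upgradeDisabled" ]
}

main() {
    restore_pinned "$PINNED" "$WORKING"
    ensure_upgrade_disabled "$STATIC_DIR"
    # Launch exactly as in the original workaround (no firejail profile loaded).
    exec firejail --noprofile "$WORKING"
}

# Only launch when invoked as lbry.sh, so the functions above can be sourced
# and exercised on their own.
case "${0##*/}" in
    lbry.sh) main "$@" ;;
esac
```

This does not stop LBRY from overwriting `./lbry.AppImage` when it exits, which is the part the poster could not prevent either; it only guarantees that the next launch runs the version you chose. Keeping the pinned directory itself read-only (`chmod -R a-w ./LBRY_0.39.0`) is a cheap extra so the app cannot touch the reference copy, and the hash comparison also tells you, via the "restored" line, when an unwanted replacement actually happened.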