When discussing software updates, I feel like folks on HN commonly overestimate how much impact the opportunity to control updates has. I haven't seen someone in my social/professional circles ever hesitate before applying an apt-get update. Nobody I've known checks changelogs (except developers checking on direct dependencies), nobody reads the patches for the updates to verify nothing malicious slipped in. "There's an update, I'd better apply it, unless it smells like a breaking change."

So in practical terms, my experience is that vanishingly few people will behave differently than an auto-update system would behave, except in rare occasions like a malicious update making the headlines. We definitely need a solution for rejecting malicious updates, but I feel backing away from auto updates throws the baby out with the bathwater and would be a net-negative change for the industry and for users.
There are exceptions but I think that’s true in the same way people tell their doctor they eat well, exercise daily, and go to sleep on time every night — aspirational, almost certainly discounting the times it doesn’t happen as exceptions and ignoring the actual frequency. The most I’ve seen people consistently do is delay a little in case an update is pulled, and statistically nobody does the kind of analysis that you’d need to catch an unadvertised change.


There's also the occasional _necessity_ for making a breaking change, in particular _breaking some exploit_ and thereby making the software more secure.

I don't envy Chrome leadership's decision or having that problem to solve.