There was an interesting thread on the Patch Management email list over the weekend, precipitated by a new update released for iTunes. Personally, I have never thought twice about where to get my software updates – I always opt for the official source and never look back. To me, it's a matter of trust. With the improved craftiness and cunning of computing evildoers these days, it takes a lot of extra effort to weed out the fake updates without having to source yet another web site and verify the webmaster's intent. You have to wonder how many of these update service offerings could turn out to be shadow malware providers, and be a big reason why so many company computers turn into zombots.
But, apparently, there is quite a growing number of IT Pros that actually do choose to use alternate sources to retrieve updates for a few reasons. The biggest reason solicited is because of poor updater programs or unreliable official download sites. The iTunes updater and Apple's download site were both cited as troublesome, with problems stretching back over a year without resolution. One popular tool called Ninite (which looks pretty useful) was promoted as a solution. Based on your selections, Ninite tracks updates for the software you use, and then delivers and installs them in the background.
The topic is one I believe that hasn't been talked about a lot, so I'm interested to hear your feelings on the matter. Do you trust non-official sources for updated software? Choose an option below and then leave an opinion if it so strikes you.
