Agressively intrusive updater /

I tried right click on a flash image on a website and nothing happened.

I don't want to update flash, ever, until I get a new computer.

I'm annoyed that the latest flash updates can stop your flash

viewing and hold your computer "hostage" until you update.

Increasingly I find I'm fighting with my computer to get any work done at all.

There's too many automatic "helpers" delaying every thing I try to do to get

some work done. Not amused with it all. The computer is a tool for us, not the

other way around.

The user experience is not lost on us, and it's always a delicate balance between security and user experience.  Both your Browser and Flash Player spend the majority of their time processing remote, untrusted, potentially malicious content.  Very little other software on your computer falls into this category. 

Over the past few years, the security landscape has changed significantly, and we do want you to have the latest Flash Player.  We work closely with partners in academia, industry, and government to identify and resolve potential security threats based on emerging research and intelligence from the field.  Almost every Flash Player release includes important security updates, and they really are important if you're trying to keep your machine malware free.  We release monthly patches in tandem with Microsoft Patch tuesday, and if we're releasing a patch outside of that cycle, it's to address either a security threat that we've discovered being used in the wild (in which case, you *really* should want to patch), or there's some horrendous bug that we absolutely must patch because of a customer escalation or something.  That bar is very high.

So that's our thinking on the patch stuff.  We want you to be secure by default.  If you're browsing the same four sites all day and you're confident that no bad content will ever come your way, then we provide you mechanisms to disable the update.

For those of you that have expressed frustration with a particular experience, I'd be more than happy to advocate for fine-tuning things like the modal dialogs.  A lot of the installer action happens outside the Flash Player engineering group itself -- there's another group that makes the installer that we share across the various free products.  It helps me greatly when talking to external groups to show up armed with things like screen captures, details about the operating system and browser versions, any steps to reproduce, etc, but I'm always more than happy to go to bat for improving your experience.

Also, Google Chrome comes with a built-in Flash Player that they maintain as part of their automatic update process.  There are no manual downloads and nothing to tinker with outside of Chrome itself.  If you want both the security and the simplification of eliminating manual Flash downloads, Chrome is worth taking a look at.

The fine tuning for me would have to be: not disabling my previous version of flash in my browser.

As to the rest of it: the key phrase here is: loss of control

I continually have to spend time to find hidden click boxes to regain control over my computer "experience".

Programmers continually find ways to create and hide those click boxes to prevent me from keeping control

over my computer. The result is animosity.

The blocked plug-in dialog is controlled by Safari, and I readily acknowledge that the user experience is less than stellar.  It is unlikely that improving the user experience aspect of this functionality is a priority for the Safari team, but you're always welcome to voice your opinion to Apple.  That's the most effective path for change in this instance.  There are much better examples of implementations of similar functionality in other popular browsers.  In the case of Chrome, you would just get the update and never notice that anything changed.  Firefox would present you with a dialog in the browser chrome instead of the area where the plug-in resides, which ensures that it's always adequately sized and legible. 

That said, both Adobe and Apple believe that the benefits of blocking vulnerable plug-ins before they become vectors for widespread infection far outweighs the minor inconvenience that blocking may impose.  There are rarely easy or convenient choices in these scenarios, but taking decisive action to prevent the spread of malware is by far the lesser of two evils.

The alternative to blocking the plugin is that you're potentially left exposed to malware, the result of which could cause a far more egregious loss of control over your computer, your personal information, finances, reputation, or depending on what your work and country of residence is, life or freedom.  Like vaccinations, there's a critical herd-immunity component here.  If the vast majority of machines are protected by default, the economic incentive evaporates, and in the event that attackers are able to establish a foothold on a body of vulnerable machines, that pool of machines under the attacker's control is much smaller that it would be otherwise.

I totally get where you're coming from -- the rapid pace of updates in the OS and browser space is not something that's lost on us by any means -- it make my life far harder in many regard, but the answer isn't returning to the early Windows XP days where network worms regularly infected millions of machines in attacks that persisted for months or years.  There's a holistic concern about the security and viability of the Internet that outweighs minor usability concerns.  Should we make the experience more seamless?  Absolutely.  Should we leave network-connected client endpoints in a permanently vulnerable state such that they can be used to infect other machines and networks with a continuously updated stream of malware?  Personally, I'm in the "no" camp and am happy to take occasional heat for it.

Well, this looks like a good place to "vent".

I'm not happy with automatic updates for another reason too:

I use a dial up service for www access at home. It's okay cost wise if

I keep my data transfer below a certain amount each month. But if I go

over that amount of data transfer then I pay good money to do so. So I

don't allow myself to go over that data transfer amount.

Guess what happens if a few sneaky updates happen automatically?

Then those updates are not free. I have to shell out extra cash for them.

Especially virus updates and system updates, that don't let me schedule

them over two months.

So I'm heading back to the old routine of one computer for the www and

one computer which is not connected to www. (and guess which one I

use to get some work done? so leasing software is not a good option for me.)