Your dogmatic approach to updating would prevent you from installing a version _without_ malware attached. For example, a version of Xcode circulated in China was infected with malware and once Apple had detected it, they asked all developers to recompile and update their apps immediately.
Every Google Play update prompt in My Apps has a description provided by the publisher. If there is an urgency to update and they don't say so, I'm not going to blithely accept every update.
Ior example, had there not been the exploit risk, I would have left Chrome at the older version, as their new tabgroup implementation is horrible, and it doesn't even allow you to open a new tab without creating a group or going incognito!
> Every Google Play update prompt in My Apps has a description provided by the publisher.
I hate to reply like this but, the vast majority of Google Play app updates go something like this:
"Updates."
"Fixes"
"..."
Having genuine changelogs would be glorious.
Apple and Google should require proper source and issue management, they could then generate changelogs automatically. Having that, they could then use machine learning against the code commits and issue titles to ensure that what people say are happening, are actually happening in the code.
I mean we've got ML that can generate code from natural language, I'm sure the bright sparks at Google and Apple could use some ML to, with a high degree of probability, say that the code does what the comment/issue says it does.
I just looked at the messages for the last ten or so updates on my phone and the last three were worthless like the above, but the rest were relatively detailed and informative. I imagine they are more motivated to give details when it's for new features.
https://www.zdnet.com/article/how-malware-finally-infected-a...
With your attitude, you wouldn't have necessarily seen the efficacy in updating the apps and could still be infected to this day.