I believe the issue of automatic updates was already discussed on other security-related lists.
Yes, I agree, but that's not what I was commenting on specifically. Certainly, we've seen automatic patches for a few years now. (And for many systems, e.g., desktop users, I believe that they're a good thing, in general.)
The column, however, advocates _slowing down_ the patch and distribution process so that all (subscribed) users of the product get the patch and install it more-or-less simultaneously. In my view, that doesn't do much, if anything, to make matters better. If anything, it punishes those that promptly install (after appropriate testing, no doubt) patches because it forces them to wait for the stragglers to catch up.
That said, I certainly agree with the column's notion that the current patching process that most product vendors use is not meeting our needs.
Cheers,
Ken van Wyk http://www.KRvW.com
