Valid points. How about restricting the scope to devices connected to a network and having some sort of push notification capability?
> In Apple's defense, it is pretty difficult to miss an update alert considering it comes through as (a) a push notification, (b) a mandatory alert, and (c) a persistent red badge on the Settings app.
> I agree that it might be a good idea to differentiate between a normal update and a security critical one, though.
But there is no mention of severity like you pointed out, and that is crucial. And till such a patch is available, Apple should notify users to disable offending apps/features if possible.
Not sure if I'll define it that way, but why not? If my mobile device is capable of showing inane ads as push notifications, why can't I expect security advisories to be delivered that way?
> In Apple's defense, it is pretty difficult to miss an update alert considering it comes through as (a) a push notification, (b) a mandatory alert, and (c) a persistent red badge on the Settings app.
> I agree that it might be a good idea to differentiate between a normal update and a security critical one, though.
But there is no mention of severity like you pointed out, and that is crucial. And till such a patch is available, Apple should notify users to disable offending apps/features if possible.