> Why is it false? Those security updates are important and it's very nonintrusive.
Not sure if this is a complete list, but here are some of my reasons:
a) It's common for updates to contain a mix of security-fixes and other stuff. Sometimes that "other stuff" breaks things and/or needs vetting for deployed systems.
b) Sometimes even "security fixes" break stuff. (I don't have the time to find examples, so feel free to take this with a grain of salt.)
c) Sometimes a forced restart of the system or a program is worse than a delayed update. For example, when giving a presentation, or when firefighting a production issue.
d) It's absolutely an attractive attack vector. I want time to hear about problems before installing updates.
And finally, this might not resonate with everyone, but:
e) It's my system. Nobody else gets to override my choices for how it runs. Full stop. I refuse to cede my agency in this area of computing.
> It's common for updates to contain a mix of security-fixes and other stuff. Sometimes that "other stuff" breaks things and/or needs vetting for deployed systems.
So you have no experience with unattended-upgrades. They really don't contain new features, that's not how Debian's model works - they backport security fixes to keep features the same.
> Sometimes a forced restart of the system or a program is worse than a delayed update. For example, when giving a presentation, or when firefighting a production issue.
Again, you have no clue how Debian/APT updates work. Things don't just get forcefully restarted.
> It's absolutely an attractive attack vector. I want time to hear about problems before installing updates.
Unpatched software is significantly more so than attacking your distribution.
> e) It's my system. Nobody else gets to override my choices for how it runs. Full stop. I refuse to cede my agency in this area of computing.
Sure, feel free to do with yours as you please, but don't recommend terrible things to others, especially those not as proficient.
It's bad advice for most end-users and sysadmins to get rid of unattended-upgrades especially for the FUD reasons listed above.