Today when I opened my computer, I had a message pop up saying, “There’s a new version of Joplin, blah blah, click here to update.” I just did it. Then Windows warned me not to open it. I knew this was because it was new and Microsoft didn’t know about it yet, so I clicked through. Then I downloaded this EXE and ran it and thought, “Gee Steve, you would tell your clients not to do this.” — Miscreants are getting better and better at looking like they are good and perfectly imitating actual messages; it is somewhat dangerous to do what I did.
Just in terms of building habits, the idea of fostering people’s idea that clicking on links from popups to download and install executables is problematic. Maybe it would be better to ask them to pull down the help menu inside Joplin and press “check for updates.”
I’m really not making a suggestion. I’d just like to put this on the many developers’ radar as something to consider. If I go to the website, I get a download button. Does that download know to upgrade rather than install if I’m running an earlier version?