Description of problem: When Wi-Fi is off in the software, the update process turns it on without asking or telling me. To a geek it might be obvious but it allows an attacker to take my computer over through a network while I think the networking is off. Version-Release number of selected component (if applicable): Unknown to me. How reproducible: Probably always. It's happened numerous times. Steps to Reproduce: 0. Presumably, while online, if an update is available, the Software app will learn of the update availability even if the user does not have the app open. Sometimes, the process requires downloading as a separate step before restarting; sometimes it does not; perhaps this means that the process always downloads before the restart-step but in that case it's downloading silently. 1. Turn Wi-Fi off in the desktop environment, top panel, right end menu, and don't have a signal cable connected for wired networking. 2. If the Software app shows that an update is available and the next step is to restart the computer and let the update process go forward, do so. 3. Upon update completion, check the top-right menu and observe that Wi-Fi is still off. Actual results: Networking must have been on even though I had turned it off and none of the usual signs reported it as on. Expected results: If there's no wire for wired networking and Wi-Fi is off, no networking, unless it asks me to turn it on, I do so, and it shows the usual visual signs of being on. If the process silently downloads the update as a separate step unsolicited by the user, wait until the user gives permission for the download and don't be silent. Additional info: Security risk if someone can access my computer through a WiFi network I can't know is operational.
> Presumably, while online, if an update is available, the Software app will learn of the update availability even if the user does not have the app open. Sometimes, the process requires downloading as a separate step before restarting; sometimes it does not; perhaps this means that the process always downloads before the restart-step but in that case it's downloading silently. Yes, updates are silently downloaded. Software only notifies you that updates are available after all packages are already downloaded. If it prompts you to download them again, that means the previous update was invalidated for some reason (e.g. by another transaction). (In reply to Nick Levinson from comment #0) > Actual results: Networking must have been on even though I had turned it off > and none of the usual signs reported it as on. No, these are offline updates. The update was already downloaded and prepared. Software is not secretly connecting to a wifi network during the reboot without telling you. If you think this is happening, we'd need to see concrete proof, because that's not how it's designed to work.
(In reply to Nick Levinson from comment #0) > If the process silently downloads the update as a separate step unsolicited > by the user, wait until the user gives permission for the download and don't > be silent. If you don't want automatic downloads, you need to disable them in Software's preferences dialog (uncheck "Automatic Updates"). Unless you change that setting, it's working as designed.
Removing the prioritized_bug flag since this is closed as notabug
Your solution worked. At the setting, the phrasing is confusing, and I reported that as a bug for labeling (https://gitlab.gnome.org/GNOME/gnome-software/issues/933). Thank you.