The wisdom of the crowd gets it wrong on this one. Automatic Updates for WordPress can only help fix WordPress’s tarnished security reputation. Microsoft showed that this solution works unreasonably well. So, it follows WordPress should copy the same playbook. When you have a large distributed install base you most definitely need Automatic Updates. We see no better way to deploy security fixes than to remove the human element. Have the systems repair themselves.
So, Who becomes the crank that advocates tampering with the built in security solutions? Why do they undermine the best solution to the security problem? How did they get this way?