* Enabled by default * No use of verification of the either the update metadata nor the update payload itself
Looks like someone wanted to write an auto updater without having the knowledge to do so properly
Very sad