Close, but no cigar
Nice try, but a far cry from a proper software repository that does everything for all software.
Secunia has taken the wraps off a new version of its consumer patch management tool, Secunia Personal Software Inspector (PSI) version 3.0. PSI v3.0, released today, offers a free Windows security scanner for private PC users that covers applications from more than 3,000 vendors. The technology differs from previous versions in …
Nice try, but a far cry from a proper software repository that does everything for all software.
"...proper software repository that does everything for all software..."
What does that mean, exactly, i.e. what were you expecting? AFAICT it does what it claims to do.
I mean that Windows doesn't do this out of the box, so now you depend on another external tool to manage all the different software.
In penguin land you can just update everything very easily with a few mouse clicks, or one or two commands, if you prefer. This comes out of the box.
So, while this is absolutely a nice tool for the windows world, it's a shame really that the OS doesn't handle this any better. At home, I spend more time keeping a single Windows XP machine up-to-date than I do updating 4 linux boxes. And this is caused not by Windows update, but downloading and updating all the individual software.
There's a lot of stuff you can comment on in Linux, but this an is area where Windows is way behind.
So, nice tool and all, but it really shouldn't be necessary in the first place.
Guess I'm stuck with the Windows non-out-the-box updating then, because I can't even get Linux installed. I rebuild my home PC on January 1st each year, and each January 1st I try install Linux just to see how that works out. So far it's bombed somewhere on install, every year. Guess each of these OS's have things that make one or the other a deal-breaker.
I just updated NetBackup on a Linux infrastructure, I needed to download the files and manually run scripts. No repo for me, I could have packaged the software and run my own local repo, but you can do that in Windows. So I'm wondering where this magical system that does everything from repos is?
The critical difference between updating on Linux and Windows is that the Linux software is generally open source and free. There is therefore no issues at all about validating the software has been paid for, and the user is permitted to have the upgrade. That makes it significantly easier to automate. Like miles easier.
However, when you are dealing with Linux software that isn't open source, you'll find that upgrading is no easier (and often unbelievably more complex) than on Windows.
Adobe at least seem to have got the message here with their non-open source reader: under Linux you just add in their repo and updates appear without messing about when the system update runs/is run. contrast that with the mess that is the update under Windows.
It only needs to be difficult to update non open-source software if the vendor chooses to make it so.
@Pete B - But the Adobe software is free, you can't run repos for non-free software.
Its Friday, it's been a testing day for me but what the hell are you babbling on about.
How do you expect MS to monitor AND update EVERY bit of *non* MS software.
The only reason its easier on linux boxes is the comparitive lack of software compared to a windows box.
Theres a lot of stuff to hate windows/MS for, but not updating 3rd party software isn't one of them...
"More than half these flaws were rated by Secunia as either 'highly' or 'extremely critical'."
Well they would say that wouldn't they?
The clue is the penguin.
If you've never been outside of Windows or Mac, basically 3rd party apps are updated in the same way as the OS. If you install something not using package management tools (eg, unzip) you're still on your own though.
PSI looks like an attempt to get around the lack of a single package management platform for windows, so it will only be as good as their coverage of 3rd party apps.
"PSI looks like an attempt to get around the lack of a single package management platform for windows, so it will only be as good as their coverage of 3rd party apps."
...Just as a Linux distribution's repository is only as good as the distribution's coverage of third party apps. No one particular solution is perfect.
as I said - "you're still on you're own" in that case.
I want to install older versions of software, but maintain other bits of software at the current patch level. How do I do that with a repo? Especially if they have libraries in common? Windows handles this pretty well.
As it happens I think that Windows isn't the best way to do things, but repos aren't a panacea either.
Debian and its derivatives allow you to lock packages at specific versions, though it can be a little tricky. The most foolproof way I found was to edit a configuration file manually rather than use utilities for apt.
Generally multiple versions of a library that break compatibility with previous versions have different package names and can be installed simultaneously. I've installed older boost libraries before just to install Amazon's mp3 downloader in more recent versions of in Ubuntu. Repositories do allow for manual installation, but when you do that, keep in mind there are associated risks.
How does Secunia benefit from developing and giving me free software? Got to be a catch somewhere...
Like the antivirus venders, they sell commercial solutions to companies and use the home version to get publicity. They do a similar product for companies so it's not that difficult to make a version for home users.
I'm not too keen on V3, it's all gone huge icons and practically no info compared to V2. They could have done a basic and advanced interface.
Gets their name out there.
They make expensive enterprise products. Some sysadmin out there (or heaven forbid, the CIO) installs this at home and finds that it works well, next time patch management comes up as a topic their enterprise product will be put forward as an option... "Well I use their free version t home and it works very nicely, thank you very much".
The fact is that they have developed the technology and its simply not something that most people would want to pay for for home use, so they might as well bundle up a free home version and at least get some advserising from it.
Maybe this extract from the T&C agreement gives a clue?
2.5 By registering you provide acceptance that Secunia may use data on applications installed on your system and may provide you with additional information, like product offers etc.
But what will I do with my 20 or so NortonUpdater.exe, AdobeUpdater.exe, JavaUpdater.exe, etc that all like to start with my machine, and put a friendly icon in my system tray to let me know they're constantly ready to update and reboot a few times just to make sure?
Nah, just kidding. apt-get upgrade works for me :D
I have been using this as a standard tool on PC's I end up supporting for friends and family for a few years. Their database is always expanding, so it does pick up some odd apps that you may not have realised were installed as well.
It isn't perfect, but certainly makes looking after Java/Adobe updates much easier and these seem to be the main methods for virus/malware/scareware infections that I see.
Installed the software and it immediately set about updating everything it could.
Some stuff requires a manual update.
Then there's a list of all the other software on my computer all with green ticks informing me they are up to date. Except they aren't not all of them. So the software is useless because it can't be trusted.
Tried V3 - immediately went back to V2 - shame.
Seems plenty of other people have taken the same approach.
Looks like Closed Sauce is playing ketchup .....
this is the one you needed ....
Unfortunately v3 is the dumbed down Fisher Price rewrite of PSI. It no longer tells you where the software it finds is installed - useful if you have old copies of Flash, Java, etc hiding on your system.
It has complained that Java is out of date on my main development machine and has been unable to update it since the first beta. Without the detail that v2 gave me I'm unable to figure out why, if it's a real problem or how to fix it.
Now that the final version is out and hasn't improved I'll be uninstalling v3 and returning to v2.
Right click and you can get a bit more info.
"3,000 vendors." Wow. So it covers nearly 5% of the marketplace then?
As far as the "Penguin" (Unbuntu) goes, one can click on 'Update All' daily and there will still be dozens and dozens of updates the very next day. If one is Obsessive-Compulsive about updates, and suffers with a slower Internet connection, it leads directly to insanity.
unfortunately, everything happens in the user interaction thread so it's often unresponsive or sluggish :( FYI Irongut, if you right click and item it tells you its location
actually, now I've tried to use it, it's way worse than clunky right into almost useless as it spends so much time unresponsive or showing an hourglass :( Also it's been "updating Adobe Flash Player" for 30 minutes now with no indication of progress or signs of update activity. Broken :(
possibly the worst non-virus program I've ever had the misfortune to run. After 45 minutes I've managed to update one program - twice as the first time nothing seemed to happen. It keeps greying out all the icons or just sulking and ignoring my clicks. Avoid.
I already have five of these and they don't work.
In practice, I just manually check each of the major products I use that require occasional updates, around Windows Patch Day if not sooner.
As you implied, it's a pleasant displacement activity.