Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PSI3 = BS ATM, but it might be improved

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
dickvisser PSI3 = BS ATM, but it might be improved
Member 14th Mar, 2012 13:43
Ranking: 2
Posts: 15
User Since: 14th Mar, 2012
System Score: N/A
Location: NL
Last edited on 14th Mar, 2012 13:45

I've been a PSI user since the beginning but I have to admit I never uninstalled a beta so quickly as I did with PSI3. I agree that a disruptive approach could be beneficial, that stuff can and should be simpler for Joe Average, but v3 in its current state has simply taken it too far.
Without any way of configuring or at least monitoring what is going on, v3 is a just a useless piece of junk. I understand that the idea behind this 'interface for blind, deaf and numb people' is that Joe Average has no way of accidentally misconfiguring the software. Well v3 succeeded at that allright.

Now for some constructive comments to add to this rant ;-)
Everyone here agrees (and so should Secunia) that software that cannot be configured is useless. So then the problem is how to implement configuration and monitoring and still make sure that Joe Average is not able to (unknowingly) screw up things. Some ideas:

1) Add logging, preferably to a file. But don't create links or buttons to such a log file in the software interface, because Joe Average might click it and get scared by it. Instead just document it so the experts know where to look.

2) Make it possible to configure things but do it in such a way that it is both easy for experts, and difficult for Joe Average. One thing that comes to mind is to use a default hard-coded configuration (pretty much as the current v3), and let that be overridden by a custom configuration. For instance a file "psi.ini" in the program folder, or a tree of registry settings. It is important that such configuration files/parameters are NOT created by default, so Joe Average won't be tempted to fiddle with them. To configure the software you manually need to create the file or registry keys, in the right format, with the right name, in the right place.

The software should be carefully written to emit just the right amount of information to the logs. If the right configuration file is found, it should log something like "found custom configuration file C:\program files (x86)\Secunia\PSI\psi.ini" or similar.
But if no configuration file was found, it should just log something like "using default settings", again to not give any ideas to Joe Average.


In my opinion this would be the best of both worlds: it will be usable for Joe Average as well as expert users :-)

Anthony Wells RE: PSI3 = BS ATM, but it might be improved
Expert Contributor 14th Mar, 2012 18:00
Score: 2437
Posts: 3,323
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

Good intentions , but what about "non technical experts" such as I and the likes of me who require an "Advanced" mode and would run a mile from your two ?? There are enough complications that need resolving in version 2.0.0.x without adding to them .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability