|dickvisser||PSI3 = BS ATM, but it might be improved|
|14th Mar, 2012 13:43|
User Since: 14th Mar, 2012
System Score: N/A
Last edited on 14th Mar, 2012 13:45
I've been a PSI user since the beginning but I have to admit I never uninstalled a beta so quickly as I did with PSI3. I agree that a disruptive approach could be beneficial, that stuff can and should be simpler for Joe Average, but v3 in its current state has simply taken it too far.
Without any way of configuring or at least monitoring what is going on, v3 is a just a useless piece of junk. I understand that the idea behind this 'interface for blind, deaf and numb people' is that Joe Average has no way of accidentally misconfiguring the software. Well v3 succeeded at that allright.
Now for some constructive comments to add to this rant ;-)
Everyone here agrees (and so should Secunia) that software that cannot be configured is useless. So then the problem is how to implement configuration and monitoring and still make sure that Joe Average is not able to (unknowingly) screw up things. Some ideas:
1) Add logging, preferably to a file. But don't create links or buttons to such a log file in the software interface, because Joe Average might click it and get scared by it. Instead just document it so the experts know where to look.
2) Make it possible to configure things but do it in such a way that it is both easy for experts, and difficult for Joe Average. One thing that comes to mind is to use a default hard-coded configuration (pretty much as the current v3), and let that be overridden by a custom configuration. For instance a file "psi.ini" in the program folder, or a tree of registry settings. It is important that such configuration files/parameters are NOT created by default, so Joe Average won't be tempted to fiddle with them. To configure the software you manually need to create the file or registry keys, in the right format, with the right name, in the right place.
The software should be carefully written to emit just the right amount of information to the logs. If the right configuration file is found, it should log something like "found custom configuration file C:\program files (x86)\Secunia\PSI\psi.ini" or similar.
But if no configuration file was found, it should just log something like "using default settings", again to not give any ideas to Joe Average.
In my opinion this would be the best of both worlds: it will be usable for Joe Average as well as expert users :-)
|Anthony Wells||RE: PSI3 = BS ATM, but it might be improved|
|14th Mar, 2012 18:00|
User Since: 19th Dec 2007
System Score: N/A
Good intentions , but what about "non technical experts" such as I and the likes of me who require an "Advanced" mode and would run a mile from your two ?? There are enough complications that need resolving in version 2.0.0.x without adding to them .
It always seems impossible until its done.
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.