Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Autoupdate when?

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as locked.
BeBiMa Autoupdate when?
Member 12th Oct, 2010 12:14
Ranking: 1
Posts: 18
User Since: 30th Jul, 2010
System Score: N/A
Location: DE
Hi,
I know this has been discussed before. But nevertheless I am having this problem.

Secunia found a new version of Wireshark. That is correct. I knew that and just wanted to check how autoupdate works.
Clicking the line in "Install Solution" column initiated the download of the new version.
Some time later the application was uninstalled on my PC. ( Maybe necessary for this program ). The new installer is present in a subdirectory of "Program Files\Secunia\PSI\SUA".
But I can't see any progress in installing this new version.
It would be great if you could see, whether Secunia has scheduled this task for later, to avoid double installs.

In the meantime it is not possible to use this program. :(

This user no longer exists RE: Autoupdate when?
Member 12th Oct, 2010 12:28
Last edited on 12th Oct, 2010 12:28 Hi,

If the PSI is set to automatically update Wireshark, it follow this procedure:

1) Download installer, verify SHA1 sum
2) Schedule Update
3) After one minute, check criteria (program not running), then initiate update. Obviously, if the criteria is not met, it goes back to step 2.

So, simply ensure that no application is using any of Wireshark's resources. If you then wait for a minute, the PSI should initiate the automatic update.

hope this helps.
Was this reply relevant?
+0
-0
BeBiMa RE: Autoupdate when?
Member 12th Oct, 2010 12:39
Score: 1
Posts: 18
User Since: 30th Jul 2010
System Score: N/A
Location: DE
Last edited on 12th Oct, 2010 12:47
If I look through the current processes I can find
wireshark_uninstaller.exe and wireshark-win32-1.4.1.exe
active.
Both are waiting. For user answer?
Maybe unistaller wait for acknowledgement in a invisible window and installer waits for termination of uninstaller. This would be a deadlock. Therefore wireshark may be not compatible to autoupdate.

Is my observation right? Or did I miss something?

EDIT: just killed the uninstaller procces. Installer finished with success. PSI has noticed the new program. State is "cleaning up" ( at he moment).
Was this reply relevant?
+0
-0
BeBiMa RE: Autoupdate when?
Member 12th Oct, 2010 13:38
Score: 1
Posts: 18
User Since: 30th Jul 2010
System Score: N/A
Location: DE
Last edited on 12th Oct, 2010 13:40
Okay, with some trial and error I've found the problem:

Autoupdate can only do its job, if the installation isn't changed to much

I saved the PDF version of the user guide sometimes into the Program Folder.
Uninstall showed a unexpected window "Folder could not be deleted" and waited for the click on "Okay".

I deleted the folder manually. Then PSI was able to update Wireshark.
Was this reply relevant?
+0
-0
libove RE: Autoupdate when?
Member 13th Oct, 2010 10:43
Score: 31
Posts: 70
User Since: 12th Feb 2008
System Score: N/A
Location: N/A
Though for a different reason, I remain concerned about the user experience of automatic updates, with the same example of Wireshark. This is generalizable to other updates also.

Once an automatic update begins, or the user approves an update if PSI 2beta is configured to require user approval, the visible state of the program changes from Insecure to Approved, or possibly Pending.

In my experience, however, the PSI 2beta interface will never show the progress of the update, until the user manually asks PSI to re-scan that particular program. Then a more current status of the update will appear.

The PSI interface needs to fairly promptly show the current status of an update-in-progress as it occurs.


Aside, because insecure programs move to the top of the programs list (this is a good thing), and a completed update will make a program no-longer-insecure, the program which the user may have been watching *at the top* of the program list will seem to "disappear" once the update is complete and the program moves back down to its normal place in the list.

For once, I'm not sure exactly what user experience to suggest in this case...
Could leave the program at the top of the list where it was while insecure and while being updated, now marked up-to-date; maybe a better status would be to mark it with a new status of "successfully updated".
And then when should it return to its normal place in the list? Certainly, after the next re-scan of that program or of the whole system. Perhaps an additional user interface option, a command to acknowledge that the user has seen the success of the update, at which point the program would also return to its normal place in the list. The user would not have to use this command - if he did not, then the program would simply remain at the top, still marked as successfully updated, until the next scan.

Further thoughts?
Thanks,
Jay
Was this reply relevant?
+1
-0
BeBiMa RE: Autoupdate when?
Member 13th Oct, 2010 10:53
Score: 1
Posts: 18
User Since: 30th Jul 2010
System Score: N/A
Location: DE
Another suggestion I have is to document the "Autoupdate" more deeply in the help.
Was this reply relevant?
+0
-0
eganay RE: Autoupdate when?
Member 14th Oct, 2010 20:46
Score: 0
Posts: 2
User Since: 14th Oct 2010
System Score: N/A
Location: FR
Hello,
why about having a message in a bubble over the taskbar, saying, "applicationXX successfully updated" ?

Bye,
Edd
Was this reply relevant?
+0
-0
This user no longer exists RE: Autoupdate when?
Member 15th Oct, 2010 09:11
Hi,

Thank you all for your feeback.

I will ensure that the improvements you have suggested reach our developers, along with your comments.

If you have further feedback, questions or suggestions, please do not hesitate to write.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability