Slashdot Mirror
Typical Windows User Patches Every 5 Days
CWmike writes "The typical home user running Windows faces the 'unreasonable' task of patching software an average of every five days, security research company Secunia said on Thursday. 'It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching,' said Thomas Kristensen, the company's CSO. The result: Few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack. Secunia says that of the users who ran the company's Personal Software Inspector in the last week of January, half had 66 or more programs from 22 or more different vendors on their machines. ... Secunia has published a white paper (PDF) that details its findings."
There seem to have been loads of updates recently
America, Home of the Brave.
Since we have a "few" computers all around the house, it's pretty much every time I sit down to one I have to apply patches, and usually a reboot to boot. Sometimes, it's a rarely used computer that I grab (laptop) just to get a few quick things done, and it requires multiple iterations of patches and reboots. Sigh.
I find it exasperating that my experience is almost always, "apply these patches", and then you can do some work with Windows. The good news (for me), I'm finally migrating EVERYTHING (as in replacing with) Macs and Linux. Time and money, that's all it takes.
Interestingly the other day... I got in and was productive immediately on a Windows laptop. Wow! C'est vrai? And when I went to shut it down? "Please do not power down your computer. Windows is installing (3 of 10...) updates..." WTH?
patching for Windows is largely automated...
Heck, my Linux has patches every day and I kinda see that as a good thing.
This is my sig.
Funny--my Firefox updates when I start it up, my Flash and Java and Adobe Reader update essentially on their own, and Windows updates when I shut it down...Steam updates on its own...Trillian and uTorrent give me a button to push to update them...I'm pretty much a power user, but I've never been prompted to update something that was remotely confusing. As long as things that need updating have an easy button to push to do it for you, I'm happy--extra bonus points if there's a checkbox in the installer to choose between "update automatically" and "prompt annoyingly when an update is available"
There nothing unreasonable about it. Especially if you have automatic updates. My fedora box updates just about every day so, does that make fedora more 'unreasonable'?
I guess in from the perspective of the authors, Windows is better than Linux.
Yeah its real hard. You do....nothing. (Automatic settings). If you want more control, you can change the settings. More windows-hate circle jerking.
I've owned a Droid phone for 5 days now. I've already had to "patch" two of the apps for it out of about 10 apps that I have on the phone.
By those standards I'd say MS is doing one hell of a fine job.
Dedicated Cthulhu Cultist since 4523 BC.
We can manage all those patches for them!
Seriously, that is what this looks like to me. It is a load of bullshit over all. Reason being that few things actually need patches for security reasons. The OS, virus scanner, browser, browser plugins and so on sure. However a videogame? No probably not. Well guess what? Turns out most of the stuff that needs patching, patches itself. Windows downloads patches and applies them in the middle of the night. Firefox grabs new versions when you surf, and installs next time it starts up. Virus scanners update silently in the background all the time.
If people actually had to spend time managing patches on all their apps, sure ti might be a problem. However for the most part that isn't the case. In the default config most important apps update themselves.
My Ubuntu installation updates and patches way more often than my Windows installs do. Newsworthy? Didn't think so /.
Civilization is the process of setting man free from men.
This just sounds like someone trying to stir up trouble to get attention. Patching is part of life. It is not a pain, it is about as easy of a task as you can have, most home users don't even know they do it.
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
Honestly, I would be happy if I could use my Windows system for five days without getting a notice to update something. Between Flash, Firefox, Windows Update, and my AntiVirus software, I must see an update notification every 2 days or so!
Not that Linux or Mac users should be gloating... The software update systems in Fedora and Mac OS X are almost as obnoxious.
I run a Fedora Core 12 server as a personal development server. There are package updates for it almost daily. I would say that in the 30 days that I've had it running, I've patched it at least 10 times. I try not to check it every day because I really shouldn't have to. It just seems there are a lot of patches and package updates for this.
Has anyone else had a similar experience with Fedora or any other flavor of Linux?
days to pwnage
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Linux (Fedora 12) has patches, too. I patch my systems probably twice weekly.
I haven't had to patch it in ages!
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Last year I bought for my mother a new computer, she is quite computer literate but I was shocked to find 3 months after purchasing that she has gotten into the habit of turning it on once a week just to give it an hour to "update itself". That was to allow her to spend 30mins every other week doing her online stuff..
I literally couldn't or didn't believe it, but then I actually was there one day and watched as all the mostly default installed apps when through their motions of requesting updates. It literally took about half an hour before to computer was usable without something prompting "Do you want to install this update..."!
In the end I removed some of the crap like Java and the HP printer updater, and told her to turn it on only ever other week for the updates!
Definitely there is some need to consolidate updates into one program..
If only we had automatic updates on Windows.
Let's face it, doing patches this often is like putting mattresses in the hole on the side of the Titanic. It merely delays the inevitable, slightly. We need to rip out the ineffective system we're gotten used to, and to move on.
and I surely do not experience that amount of 'patching.' I also think updating virus signatures shouldn't be considered a 'patch' per se. Those are essentially database records, not bug fixes. Windows gives me updates about once per month. Once in awhile I get an Adobe or a Java update, but the total is nowhere near what these guys are saying.
How about a moderation of -1 pedantic.
The problem, in my opinion, is the fact that patches, particularly Windows Updates, have a track record of breaking things. This leads to a conundrum...automatically update and risk mysterious breakage, or manually update and risk falling behind and being insecure. If you want to make patching less onerous, the first step is to make it as reliable as possible, and then a larger percentage of users will trust automatic updates.
Momentarily, the need for the construction of new light will no longer exist.
Running Ubuntu at home, seems like once a week there an update for something or other... Thank God Linux is *FAR* more graceful applying patches - I can update anything on the system and so long as the kernel is not touched, no reboot is required. Windoze just kills me... yo have to reboot for every damn thing! Glad I don't have to deal with that...
Not sure if paying at least twice as much for the same hardware makes up for having to patch less...
not a 7-day span goes by without ubuntu patches it seems.
it would be better if everything would be more like apple? just ignore problems for months at a time then release large patch sets?
what the world needs now is another "security expert" interpreting useless data.
THL phish sticks
I think the difference is that with Windows, you have to install updates from Microsoft via one method, updates to Adobe software via another method, updates to Firefox by another method. Lots of things for the user to learn, there isn't just a click one thing and it updates everything.
My Linux box on the other hand, does have quite a few updates, and requires updating often, but, it's just one interface to update everything, including from third party vendors (i.e. Adobe)
All but 2 of my home computers are configured as Media Center PCs, I do not patch them.
They connect to the internet only to update the program guide. Since that's the extent of their interraction with the rest of the world, I do not see the need to patch them. I do, however, regularly patch my gaming machine and my Netbook since I use them almost daily.
I think September 2009 was the last time I updated Windows Vista Home Premium on my Dell E510 doing HTPC duties.
Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
I don't think I've ever needed to install windows updates twice in a week. Maybe twice in a month if there's a major issue. But that report is counting Adobe Reader updates. Java updates. Firefox updates. That annoying update that tells me I need to ugrade TortoiseSVN from version 1.6.4.12.a to 1.6.4.12.b. Etc.
Can you construct some sort of rudimentary lathe?
Yes, because it's completely reasonable that the *monthly* patches my Mac at work gets 95% of the time require a restart. Why do iTunes or Safari need the system to be restarted? I'm only forced to reboot my Win7 machine due to patches... Hmm, I think once in the time I've had it.
And OS X requires me to put in my password in order to install patches, so it can't patch unattended, or in the background. It's a choice between delaying my work or delaying the patch. Most people are going to pick "delaying the patch," especially if they've got anything open. And that's how security starts to fall apart.
Canada: The US's more awesome sibling.
What's REALLY annoying is when Adobe is in the middle of updating and Windows reboots to do ITS update, messing up Adobe's.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
I don't really mind patches. They are usually quiet and seamless, working in the background and not interfering with my work.
The real killers are the updates that require a reboot, and these seem to be on the rise of late. Even worse, these are typically for software that I do not use (IE, Windows Media Player, etc.), but I am required to interrupt my work to reboot my machine so that I can be "secure".
I believe in de-evolution. God made the world perfect, man fell, and its been going downhill ever since!
For those involved in technology, one of our flaws is the level of expectation we have for the average citizen to be able to cope with. I recall a security expert stating that the average person should be able to memorize a ridiculously large number of random passwords. I developed a strong understanding of controlling memory allocation (back in the early '90's) on PC's, not for some esoteric application, but to get the games my preschoolers were playing to work.
/. crowd will not be having issues with this aspect of maintaining your PC, it's a lot to ask someone with less expertise. If you consider this perspective, it may be more understandable how and why there are so many PC's doing double-duty as part of "Bot-Nets".
It led me to the perspective, that all things being equal, it is fairly easy to argue, that for the home computer market, the "good-guy" lost (as in Apple vs DOS and Windows PCs) simply because Apple did not expect the level of user expertize and intervention to get the things to work.
So, with this situation, though the
World of Warcraft Addons get updated at an insane rate, almost as insane as the rate at which a new WoW update patch breaks many of them.
Exactly my point. . . If Windows had a unified update system, you wouldn't have that problem.
But, every app that needs an update system installs it's own.
A friend of mine, runs his PC "commando": no virus software, no firewall, no patches, nothing. He's non-technical and assumes he is going to get a virus no matter what he does and it's just a waste of time pricking around with all that stuff, so he just reinstalls Windows about once every two months when it starts running slow from the viruses. Well, it's a daring tactic, but it seems to work for him.
I am with Linus on this one
Linus is right
The man makes sense
He is absolutely correct on this one
The typical home user running Windows faces the 'unreasonable' task of patching software an average of every five days
Only once every five days? That seems rather mild to me...
Between Windows, Firefox, Office, Java, Adobe Reader, my antivirus, VLC, Pidgin, VirtualBox, EVE, Songbird, and Steam it seems like I'm patching something on a daily basis. And that's just my home machine.
Throw in the fileserver at home... My workstation at the office... My work netbook... And the assortment of servers I'm responsible for... And I'm definitely patching something on a daily basis.
"Work is the curse of the drinking classes." -Oscar Wilde
Windows can patch itself to hell. Firefox and Adobe too, for all I care -
AS LONG AS THEY DON'T INTERRUPT, STEAL MY FOCUS, PUT UP CRAP ERROR MESSAGES OR REBOOT WITHOUT ASKING!
There's a portable at home I open only on weekends. Want to guess what happens for the first 30 minutes after I turn it on? Yup. An unusable computer that's *updating* itself. Java. Adobe. Firefox. Firefox *add-ins", Windows, and possibly, the current timeline in which I exist.
Needless to say, ALL of these want me to agree/disagree, actually *view* their updates, click a modal dialog, or reboot - repeatedly. I really don't care if updates have to happen, BUT KEEP THEM OUT OF MY FACE.
And don't slow the computer to a crawl. If the update takes all day, do I care? Not if it doesn't interfere with me.
Computers exist to serve ME. Make the computer wait, NOT ME!
Please do not read this sig. Thank you.
and yes this may be 'automated' but I don't leave my pc's on all hours so they dont all automate the patches that are released, and if I do leave it on it's for a reason so I get really upset finding my PC is running blank when I return the next day with a note saying your PC rebooted because of updates and my downloads/rendering/processing apps were all terminated Doh. It all the extra stuff though, Adobe, Firefox (and add-ins), Java, Virus, Logitech (kb's and webcams), Apps like torrent/tweet/scanner/etc/etc all look at the web and offer updates over and over again. It's a constant task to do this, and the 'regular' user like me is probably doing it on 2 or 3 machines at home and on behalf of their parents/family/friends pc's also. Not to mention this impacts on my downloads/net. Perhaps nice way to do all of this automatically and run a proxy so it only downloads once would be nice, but can I see these companies getting together to make it a nice quality service for the user, unlikely.
No, actually many things that *really* need to be patched, don't patch themselves. And, sometimes they require a little more effort on behalf of the user.
Example, Adobe Flash Plugin
* Never updates itself
* User sometimes has to do a full uninstall of the plugin (by finding the hidden uninstaller software on adobe's website) before they can run the patch installer to make sure it installs properly.
* This and PDFs have been established as one of the biggest holes in your system's security.
Another example is GDI, many software packages that do image display or manipulation (namely everything) that you have installed on your computer use GDI. Most software companies ship the GDI and GDI+ dlls with their software, installed to their program files directory for their software product instead of relying on the one in the Windows system directory. When these particular software packages are updated, they only update their main exe, not the GDI dll. These GDI dlls are almost all out of date and have numerous security holes in them that are easily exploited by simply viewing a tampered image with the software. It becomes impossible for the end-user to figure out where the holes are in their system, so they don't bother.
These are just some examples, it gets worse.
Maybe if the OP would run windows update, and set it to autoupdate, he'd never have to patch. I know I don't ever patch explicitly, and my OS and windows apps are always up to date...
I'm the guy in our household responsible for applying our patches, being an IT professional and all.
Since we have a "few" computers all around the house, it's pretty much every time I sit down to one I have to apply patches, and usually a reboot to boot. Sometimes, it's a rarely used computer that I grab (laptop) just to get a few quick things done, and it requires multiple iterations of patches and reboots. Sigh.
I'm the guy in our household responsible for applying our patches, being an part time Web Developer and all.
Since we have a "few" computers all around the house, I just set Windows Update to download and notify me when updates are available. Providing me convienence and still retaining the ability to opt to not to install a patch.
Since Win7 got installed on my desktop I rarely have to restart for 99.9% of all day to day tasks, but when something out of left field like patch time comes it's increased speed to the login screen makes it much seem less of a chore having to wait 5 minutes while my PC is being updated.
And on my gf's laptop with Vista the reboots are slightly more often and and take a little longer.
But then again I'm on the computer 12 hours out of the day, so 5-10 mins once a week for maintenance really seems to be a non issue.
On the Oregon Cost born and raised, On the beach is where I spent most of my days
opera handled this one quite well. just sayin
half had 66 or more programs from 22 or more different vendors on their machines.
Is that all? Sounds like a pretty routine state of affairs. My wife, who is seriously non-technical has 134 apps on her machine, not counting the stuff in the Windows directory. We patch no more than once a month, just before running the trial versions of a few AVs, if I remember to do it. In more years than I care to count, the AVs have only found suspicious cookies and emails. We get more false positives than anything else.
This may be a black swan, but my use of PCs goes back to DOS 1 (I was an OEM). For a while I ran a 40-user BBS and I've never had fewer than 3 PC's hooked up to whatever the current network technology allowed (can you say PCboard? Fido? uucp?) In all that time and with all those machines, I've only had one infection--an isolated laptop that I mistakenly hooked to the internet via dialup with the firewall disabled. It took Blaster about 5 seconds to hit and it took about an hour to clean up the mess. Not bad for 25 years of exposure.
Risk management has two sides: cost and benefit. The rational thing is to keep the cost lower than the benefit. That's why the people who live by ITSec only do qualitative risk analysis; they don't want their clients to know that they are spending more than the protection is worth.
I'm a Programmer. That's one level above Software Engineer and one level below Engineer.
One thing that seems to get washed away with this ongoing flood of patches is any meaningful testing of the patch in the users technical environment and the assurance that the patch does not break some application coding specific to work around the flaw being corrected. It is nice that Microsoft patching usually triggers a system restore snapshot -- but not every application does this. Most of the time this dreamland assumption is valid and our systems continue to work although maybe a bit slower than before. But if they don't, I wonder how many end users (not the typical slashdotters...) would be able to back out one patch at a time, doing restores as need be, untill the patch-engendered problem was resolved? I would suggest that this cascade of changes was inherently dangerous and is a topic we all might want to worry about, just a bit.
Context theft is the one thing that annoys me the most about all of this business. I don't care if my machine has thirty different update mechanisms churning away in the background on startup, just leave me out of it unless the box is about to catch fire, explode and maim me.
I've configure my machine as far as practical to have nothing that suddenly demands attention (it's used for graphics and illustration work, context theft can completely screw your flow, as per programming and etc), anything that insists on having popups or info balloons has its updates disabled or is replaced.
I'm hoping Windows 7's driver update approach indicates Microsoft is moving towards allowing vendors to use the windows update mechanisms for their applications - I seem to remember for major hardware vendors they contact their site directly and install drivers and utilities, I'd love to see this approach spread to the application space, providing they can manage the liabilities.
What's really annoying is Adobe.
Fixed that for ya'.
and we could trust Microsoft to not install their crap in the guise of security updates.
Safari needs to reboot because it's probably updating WebKit and the system needs to HUP so that everything that relies on it knows about it.
No real reason for iTunes. That's BS from Apple.
OSX requires you to put your admin password in. It's called security. Win7 does too, but they learned from the Vista fiasco just to turn off the UAC for things like this. Win7 just goes and looks it up without asking you...
Typical user running Secunia patches every five days.
Actual typical Windows users probably update automatically every day but don't get patches nearly that often. Applications should update themselves and vendors should sign their code.
It doesn't have to be this way. Security patches should be a rare event... and they would be if we had a proper security model underlying things. I can't believe how much acceptance there is of this bizarre state of affairs.
I'm only forced to reboot my Win7 machine due to patches... Hmm, I think once in the time I've had it.
To be fair, other than during the initial install when you are pulling patches from Windows Update, Win7 patches on shutdown. It doesn't have the annoying XP-esque system tray icon that annoys you every fifteen minutes.
It does seem like the large majority of OSX patches do require a reboot. They should just adopt the Microsoft strategy and roll it into the shutdown process. I have found myself skipping OSX updates simply because they are intrusive. They pop up and want a reboot. I want to use the computer. When it comes time to shutdown, I do the Ctrl+Eject and hit Enter. There isn't an equivalent of the windows "Install updates AND Shutdown".
Windows and Linux are not the same. Windows only patches once per month. Linux patches almost never. Because we are not comparing an OS with a distro are we?
Ubuntu patches fairly regular, but that is a LOT more then just the OS/Desktop AND it includes upgrades. IE only has major releases and patches but firefox alone is regularly updated and expanded. So how you do you compare the two.
The problem for windows users is that they have got all these seperate programs to take care off. All with their own methods for keeping up-to-date. For linux it is just a single command to update everything, but a windows user got to have a dozen "check latest version" proggies running.
That is what the story about.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
OSX requires you to put your admin password in. It's called security.
I know *why* it does that, thanks. My point was that it's not an unattended process. You can't set your machine to update overnight, because it needs your password before it'll install updates. You can't do it at the very end of the day, because it reboots, not "shutdown, and then finish on next start." So you'd have to wait around until it finishes, so you can properly shut down your system. That leaves the start of the day, or else you're interrupting your workflow. And the start of the day delays you getting down to work.
As for "needing to update webkit," just to really get in at the fanbois, MS got in major shit for entangling IE so deep in to Windows, why not Apple? If Safari is that entangled, they should have faced the same action as MS. If it's a browser update, I shouldn't have to do shit. If it's an OS update, it's disingenuous to mask it as a browser update, since it allows Apple to skew figures if they so choose.
Canada: The US's more awesome sibling.
how can that be if Microsoft only releases patches once every thirty days?
My karma is not a Chameleon.
Microsoft's system updates tend to be unobtrusive, at least until a restart is required. Even then, however, the entire update can be downloaded in the background and I can save the restart for later. Their updates for Office, however, are exceedingly obnoxious. I'll open an application, getting ready to do some work, and I'm greeted to an update prompt.
Updates in OSX are as frequent as those for Windows, expect that by default the system checks for them on a weekly basis. What's really annoying is how system updates seem to always require immediate restarts.
iWork and iLife seem to have far more frequent updates than Microsoft's apps. But the absolute worst are Quicktime and iTunes, there seem to be updates almost every time I open those apps.
Adobe is annoying with updates as well, especially considering they never address outstanding issues. Acrobat is the worst of all, particularly since the updates come frequently.
Firefox has gotten pretty bad over the past couple of years. Start it up and oops! I have to wait for an update.
So what's my point? They all do it. Hell, even games and consoles feature regular updates nowadays. The difference is they force you to do them. I guess this is simply the nature of computing today.
I don't know. I haven't had a problem with patching in a looooong time. I just turn on automatic patches and I never see a thing. My virus scanner updates, Windows 7 updates, and a few of the applications that I use do autoupdates as well. I think Secunia is probably just trying to sell something. You know, like it's Personal Software Inspector...
I use Linux and Windows but one thing stands out for me and that is the Linux update/patch/bugfix model is far easier for the lay user. What Windows needs desperately is a repository system in the vein of Linux distro's Like Ubuntu, Red Hat etc that checks for updates at regular intervals. Yes some windows programs already do this but why have 20 different programs running an update manager in the background when one would do the job. Im not saying Microsoft should manage the repository, each software maker could have their own and just inform the repo manager were to get updates during the install process for that particular program.
To make the average work outsomeone must be running updates every 15 minutes, because I see a lot of people grossly out of date. XP SP2 and IE6 are not uncommon.
This isnt unique to Windows. Its the same on OSX.
If Linux ever gets a strong software presence, it will have the same issues.
In Big-O notation, repositories scale linearly with the number of developers making demands of it. Double the number of developers and you've doubled the workload for the maintainers of the repository. The Linux ecosystem needs to double about 15 times (pulled that out of my ass, 32768x) to be comparable in scale with the Windows ecosystem.
Are the Linux repositories prepared for The Year of the Linux Desktop? I suggest that no, no they are not prepared at all. They wont know what hit them.
"His name was James Damore."
But at least those users don't need to worry themselves about being called Mac fanboys, zealots, or snobs.
It's a small price to pay.
If you don't know what AltaVista is (was), get off my lawn.
" ... Why do iTunes or Safari need the system to be restarted? I'm only forced to reboot my Win7 machine due to patches... Hmm, I think once in the time I've had it. ..."
I just click click on the Software Update window to bring it into focus when it gives me the reboot screen, and then click back on whatever I was working on and carry on for hours or sometimes, days. It will run fine until you shutdown normally ... like tonight, next week, whatever.
In that case, it downloads them in the background, while you work, and then installs them when you shut down.
Since i only use my windows virtual machine in average every few months, i can not patch it everyday. However, i dont use it for receiving e-mail or surfing the web, only for compiling.
I also do not patch the measurement devices in our lab (oscilloscopes etc, they are strictly isolated from the internet), since all my attempts to ask the IT Department for a policy on that failed.
I also do not reboot measurement computers during a long running measurement.
Agreed, the number one thing I hate about windows is that it seems to think it knows better when to reboot than I do.
I also wish that FireFox would do its installations when I close it (in the background, at least on normal closes, obviously not on forced closes) instead of when I start it up. When I close it I typically don't care about it, thus if it is unusable for a while that is ok, when I start it up, I want it NOW, not after the installers get stuff figured out. Just run the installers with a low priority unless FireFox is restarted, then bump it up to normal priority.
Better yet, it should be like Linux -- you only have to reboot if there's there's an update to the kernel.
Nowadays, it's technically possible to update the Linux kernel while it runs using Ksplice. Actually, I find that the biggest update annoyance on Linux is Firefox. A new version of Firefox comes out about once a week, and upgrading requires Firefox to be restarted. Not only do I lose session state in my windows and tabs, the whole browser becomes unstable if Firefox is already running when the upgrade occurs.
So the point of the article was to say the average uptime on a windows machine is 5 days?
I do not allow anything but AVG and Comodo to automatically download. I check the chatter on Windows patches before installing them because, as you know, they sometimes cause problems. I signed up for Secunia's reminder service which makes updating easy. However, it always indicates that java needs updating when it does not which I know because I check. I recommend this method to all my fellow female retiree friends. I think it is interesting and perhaps would surprise Slashdot that many of these retired females are in charge of the home pc.
More secure software exists, with fewer patches, that get installed less frequently. Apparently it's "overpriced."
Happy patching!
It does, actually. If you install updates that require a reboot, you'll see a tray balloon prompt telling you as much, and offering to either reboot immediately, or postpone notification by a certain amount of time (though unlike XP, you can postpone by up to 4 hours).
But, yes, if you postpone (or just ignore the notification by closing it without selecting anything), then installation will be finished when you next shut down.
It's so awesome that it is indeed automated! Isn't it? Pick any random system, pull up the task list and look what's actively running, consuming memory and cpu cycles.
Windows Update
Java Update
Quicktime update.
iTunes update.
Flash update.
Adobe Reader updater.
InstallShield updater.
Google updater for Toolbar, Earth, Widgets...
Antivirus updater.
Real updater?
Why on Earth can't these pieces of crap terminate upon completion? It's no wonder the systems take an age to boot and can't be used for anything useful for the first 30 minutes. They're too tied up updating. There are no resources left to run applications.
Not that I'm at all bitter about it.
Programs like Foxit Reader and Adobe try to install toolbars, put shortcuts where you don't want them and links to third party web sites on your desktop, etc. Each time you run the update you have to manually uncheck all those options which are checked by default. Another problem is that the programs that do update themselves do so by each running their check on Windows startup or own service ALL THE TIME. A far better solution would be for Windows update to allow other programs to register for update checks that can then be handled by a single service.
42 hidden comments
Runs in the background, installs your updates for you, all without prompting you.
http://www.nabber.org/projects/appupdater/
Wait, what do window managers have to do with installation? I didn't think compiz was that bad.
Set the patch schedules, type of updates you want and approval rules, set computers to wake on lan and enjoy automated patching goodness. As for third party crap, I won't blame MS that other products need to be patched. The only third party programs I have running are firefox java and flash, they dont seem to bother me too often.
Automated patches have broken vital functionality for me once too often and I simply don't have time to patch every time I sit at a computer. One of the first things I do is turn off automated patching on any software I install. I apply the patches I choose when I choose. I'm sure some of you will be horrified but for me the computer is sometimes a tool and sometimes a plaything. When it's a tool I'm very pragmatic about how I do things. As for security vulnerabilities etc so many remain unpatched for so long that I find the idea of dropping everything I'm doing to get the latest patches idiotic.
These posts express my own personal views, not those of my employer
181 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
Need to get 275MB of archives.
After this operation, 8,425kB disk space will be freed.
Such a beautiful thing. Show me a Windows system that can do that.
We complain when they don't update.
Personally, I have no problem with updates. I think any modern computer user should make themselves feel the same way. Let's face it, this stuff we use is complex. REALLY complex. Things need to be updated and improved, the lifecycle of software is moving in that direction. While the nuisance aspects of pop-up dialogs telling you you've updated could really be pared down to a minimum, this is just how it is.
What you SHOULD get furious about is if there's a security hole that puts your system at risk, but the vendor of the OS doesn't bother patching it OR even tries to talk their way out of fixing it. Yes, that includes Apple. That includes Linux, as well. The only difference between Linux and the rest is that there'll be a semi-public debate as to whether or not to fix it, and a corporate shill coming out and calling that flaw a feature or completely ignoring it until they can't hold out any longer. But it doesn't matter...whether it's Linux, Apple, or Microsoft, you got to get used to the notion that this stuff needs to be patched and you just have to cope with that. It'd be nice if the vendors didn't feel the need to pound their chests loudly with "new release" announcements, pop-up dialogs, and other nonsense when they fixed a bug in their own software, but developers are people too, and they like the feeling of accomplishment that goes into fixing something; they just want the users to know how proud they are of fixing that software.
OSX requires you to put your admin password in. It's called security. Win7 does too, but they learned from the Vista fiasco just to turn off the UAC for things like this. Win7 just goes and looks it up without asking you...
So let me get this straight:
When OSX requires a password, it's called security.
When Windows requires a password, it's called a fiasco?
This is why whatever OS is the most popular will ALWAYS be insecure, regardless of its name or creator. The masses will always demand everything be automatic and password-less to reduce annoyance.
I'd rather those programs you listed not bother to update at all, the risk of virii is minimal. Adobe is the worst offender - always bugging me, and the updates are probably because it wants to spam you more.
Why OpalCalc is the best Windows calc
Just FYI. If you go with Windows Vista, it tends to not be as friendly when letting say when and where it applies the updates.
I had often found it would attempt to reboot the computer which when playing a full screen game, would not show the automatic warning where you could hit cancel.
But there is a way modify the registry so it would not reboot automatically without your intervention.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
Secunia doesn't provide software for vulnerability management do they? Why look they do! How ironic!
White papers, are rarely white.
*DrugCheese rants*
This has a really misleading title. I think it should read, "Typical Windows User Needs to Patch Every Five Days." The article clearly states that people are NOT doing this. FTA: "Few consumers devote the time and attention necessary to stay atop the patching job." That means the typical user is not patching every five days.
OSX requires you to put your admin password in. It's called security.
Why can't I create a process, authorised with my admin password, that will do the updates automatically?
Yah. For me, it's that one little patch that sneaks in a 'security fix' - for someone else. That, just for example, bricks a previously broken iPhone. That turns back on the 'phone home for validation' routine. That disables the previously fine software because someone got an injunction against a software patent somewhere. It's the crap they sneak in under the guise of, or packaged with (take it all or leave it all) a "security update" that's really infuriating.
AC. S.
I'm pretty new here, and the first thing I noticed about /. is that most commenters will take any and every opportunity they can to say something - anything - in criticism of Microsoft, even if it's the most nit-picky little thing, even if it's completely irrelevant, redundant, unjustified, exaggerated, or unnecessary, or even completely false, just because Microsoft is "uncool". Or maybe they just want to be seen by other /.ers, I don't know. Whatever the reason, people just love giving Microsoft shit over the tiniest things. It's stupid and lame, and this "story" is exactly that.
I know, I know. Welcome to Slashdot.
But just in case nobody noticed, Ubuntu asks to install updates far more often than Windows does. Its updates are also alot bigger. I have a Linux machine that I use almost every day, but I also I have an Ubuntu VM, and quite often if I don't use it for a week, it will pester me to download fricken like 70 updates totalling like 660MB. Hang on, what? That's almost as big as the entire distribution!
http://www.qwantz.com/index.php?comic=1579
What do you want to patch today?
whats annoying about updating on the mac 9i mainly use ubuntu an very occasionally windows) is the licence agreements and the fact tha everytime apple updates itunes slightly you have to download an 80+mb update! Same with java - huge download for a slight update!
Oh noes! My computer takes a little while longer to shut down because it's applying updates! Oh no!
It seems that Slashdot really loves to lay it on Microsoft at every chance they get.
Oh who am I kidding, this is pretty much the norm.
What this report doesn't understand is good Anti-Virus products such as McAfee and Symantec are already covering known software/OS vunerabilities, before the vendors provide software/OS updates. So while there may be a lot of security updates out there, that does not mean the Windows user is vunerable just because the software is not patched.
..that Microsoft only releases updates once a month!
I run a FreeBSD-7.2 server. with 862 ports installed. On any given day, I receive notice of at least one or more updates available. Personally, I am relieved to see that someone is actually actively working on improving the software that is available.
Pigskin-Referee
Linux: Yesterday's technology, tomorrow
I run Gentoo, Ubuntu, and most MS products. I patch every fucking day with Linux. First they don't patch enough, then they patch too much, then the patches are too .... Jebus Trucking Rice -1 MOD TROLL and another -1 MOD FUD for this article. Too many fanboy editors with an agenda it seems...
-=[ Who Is John Galt? ]=-
I've done tier 3 support at companies like Microsoft - people complain constantly that we never fixed anything quickly right, so management took that as meaning we needed to release more patches and speed up the quality assurance process by adding more people.
Then when started releasing patches every quarter we got nothing but complaints we were releasing too many fixes. Argh.
It's all one definitive interface under Synaptic/Apt Get. Sure there have been weeks when something was patched everyday, but it's all together, I can click it and go.
With Windows,
A) I'm far more likely to have to reboot.
B) if I do have to reboot it's like, to steal a phrase "a Jack Russel fucking Terrier".
I will fucking shut down
when I'm at a fucking spot
to save my fucking game dammit Bill!
C) Outside of Windows itself, it's a dozen different interfaces, because adobe and ccleaner and java and pidgin have all had to fix this mess themselves.
It's no wonder people click and suddenly realize they just screwed themselves - it's not like there's a unified interface where you can recognize if "X" looks right.
None of which is to say synaptic is perfect - I have my own concerns with it because frankly god help me if canonical ever gets something on it's servers, plus I think you should be able to download and install a program with your own, non-admin privileges (Is there *really* a reason I need to have sudo access to install nethack? Seriously - just make a programs area for user and group level access. If a program *requires* admin level access, either hide it from non admin users, or let the user see what is needed that the admin would have to approve.)
But, compared to windows? I won't go back, you can't make me.
Pug
An Invisible Entity of Vast Power whose existence must be taken on faith alone: Liberal Media
Run a better OS.