- security News Forums
- > My wish list for Windows 7: updates for ...
- > Enough wasting time
Posting 
- Thread
- Reply
- New Topic
- Show Thread
Enough wasting time 10 July 2009 15:09
Yes, we absolutely need "change management" in Windows, and not just
keeping a record of when changes were made, but initiating changes
when security or other updates require it, and allowing the
application to be returned to a previous state if the update turns
out to be unstable.
Windows Installer does everything else, why can't it also make an
entry in such a change management database? It could ideally include
a cryptographic hash for each version of the major files in the
install, to make it easy to detect changes.
The installer should not consider itself finished until it creates a
record of how to automatically reinstall the program, something
"machine readable" that a backup program could use automatically to
backup up the program, its licensing information, and major settings,
and later restore to a particular state.
And that leads to the "updates for everything" setting: the
installer's change management database should include at least one
entry for how to check for and/or initiate updates. This would
ideally be a URI that could be queried automatically, but it would be
helpful even if it were a simple web address. Each program installed
could have settings for various kinds of updates, how the
administrator is informed or reminded about them, on what schedule
the operating system should check for updates, and whether or not to
download and/or automatically install them.
Yes I would expect that any installer (e.g. NSIS) or even a
one-executable Portable application should be able to create and
reference the entries for its application (but not delete or change
old entries). No I am not concerned about anti-piracy protection; if
the installer or change management system can accommodate license
management, fine, but don't make it a manual job each time the
software needs to be reinstalled or updated or downgraded. And I
should be able to confirm that the backup/restore function (and
upgrade/downgrade) works by running it on a test system. In other
words, security and change management should trump license management
when it comes to automated backup, restore, upgrades, and testing.
And this needs to be integrated into the operating system (not a
third party add-on), running by default on each version of the OS,
and it needs to be pretty much transparent to a garden-variety user.
Did someone say Linux? Yes, by all means, let's do all this on Linux
too.
- Posting
- Thread
- Reply
- New Topic
- Show Thread
- Threaded View
- Flat View
