Linked by Thom Holwerda on Mon 15th Dec 2008 15:10 UTC
Editorial InternetNews.com states: "Microsoft (or a really smart ISV) should build a full application manager for Windows, similar to what most Linux distributions do today." Most Windows applications come with their own distinctive updating mechanism (much like Mac OS X), instead of having a centralised updating location like most Linux distributions offer. While it certainly wouldn't be harmful for Windows to gain such a feature - the question remains: isn't it time we rethink program installation and management altogether?
Order by: Score:
microsoft would have to let go
by TechGeek on Mon 15th Dec 2008 15:18 UTC
TechGeek
Member since:
2006-01-14

For this to happen, Microsoft would have to let go of some of its control. When Code Red was running rampant on our university campus, we were not allowed by Microsoft to distribute the patch ourselves. We had to have the students all go through Windows update. You can imagine how much bandwidth that took on a campus with 20,000+ computers.

Plus, you would have to unhinge WSUS from AD. Not all machines are in AD, but you would still want them to use this service.

Reply Score: 5

RE: microsoft would have to let go
by judgen on Tue 16th Dec 2008 04:10 UTC in reply to "microsoft would have to let go"
judgen Member since:
2006-07-12

Mircosoft could be the package maintainer. And only tested and scanned submitted apps would be allowed onto the repo. Thus making the threat to the customers alot smaller than current situation where people download apps from all over the place.

Reply Score: 1

jabbotts Member since:
2007-09-06

I think it would be too much of a threat to MS and it's shareholders. They would have to host competitive software along side there own products. Wile I'd love to see the Windows Update site offering Firefox, Opera and Safari along side IE.. something about winged bacon comes to mind.

Centrlized package management would do a lot of good for the end user but it's not about them, it's about the shareholder's payoff.

Reply Score: 3

RE: microsoft would have to let go
by mabhatter on Tue 16th Dec 2008 05:48 UTC in reply to "microsoft would have to let go"
mabhatter Member since:
2005-07-17

but that's the point, they want you to control them so they can be licensed. And they charge extra to programmers to use the good .msi packaging tools that only work under the AD+ SUS combo.

on top of that ISVs have their own "tried and true" methods of installing.. think Oracle, Autocad, Adobe, etc. and they won't bend to Microsoft's way, they WANT to make installing painful.

Reply Score: 2

v What? Has the author ever used linux?
by neozeed on Mon 15th Dec 2008 15:26 UTC
Ford Prefect Member since:
2006-01-16

I don't know what you are talking about.

Searching: pacman -Ss <keyword>
Installing: pacman -S <packet>
Upgrading: pacman -Syu
Removing: pacman -R <packet>

That's all I ever need. Sometimes I put a 'f' in there.

You moan about all these 1000 different ways. What you seem to forget is that every single user only needs his very one single way for his distro.

Talking about 1000 different ways, that's exactly the problem of Windows software installation and upgrading. Every piece of software you find somewhere else, you have to run through a semi-conherent installer program and in the end have a semi-coherent way of hopefully removing it again. And then you have to actively download new versions, etc. if it doesn't come with some sometimes-crappy self-update option.

No central system means that everybody is re-inventing the wheel, some with better success than others.

On the other hand, I don't see packet management like in Linux on a commercial platform soon. There is much more behind it than just a convenient way of keeping your software up-to-date. Think about the tight interplay of all these different libraries. In a commercial work there is no place for this, packet managers would never gain the control they really need to provide a high-quality software system.

Reply Score: 18

spiderman Member since:
2008-10-23

Or because there are SEVERAL communities.
Windows is just yet another system with yet another way of installing software. It has the very same problem as other distros.
"THE linux community" has nothing to do with this.

Reply Score: 3

Soulbender Member since:
2005-08-18

Each different Linux distro is like a completely different platform because of the community's inability to decide on anything.


Has the author (of this post) ever used Linux?
You dont need to care about every damn distro, only the top ones, which leaves you with basically RPM or .deb. Wow, two systems. The difference between the different distros that are using the same package system (rpm or deb) is so minor that usually it doesn't even matter.
Maybe this is a bit harder for the developer but here's a hint: as a consumer I dont give a damn. I care what makes things easier for ME. Cry me a river.

Reply Score: 8

google_ninja Member since:
2006-02-05

It's still a valid point. Its not like there is one central repository for all linux programs, there are hundreds, all with different content, different levels of quality, and different levels of compatibility with each other.

Its not hard to get into alot of trouble as soon as you venture out of whatever distro specific repository you should be using for everything.

Reply Score: 5

GNU/Linux is better
by Moulinneuf on Mon 15th Dec 2008 17:11 UTC in reply to "RE[4]: What? Has the author ever used linux?"
Moulinneuf Member since:
2005-07-06

It's still a valid point


No.

Its not like there is one central repository for all linux programs


Are you really suggesting there is one for all Windows and Apple program ?

there are hundreds, all with different content, different levels of quality, and different levels of compatibility with each other.


Your talking about GNU/Linux , not windows and Apple.
1 distribution usually as one official repository and one official package manager.

Its not hard to get into alot of trouble as soon as you venture out of whatever distro specific repository you should be using for everything.


I wonder how you survive with a windows system , it's worst.

Reply Score: 2

Moredhas Member since:
2008-04-10

There's a reason there are so many different repositories. Every major Linux distribution keeps their own repositories which only contain software and libraries that are tested and known to work and be compatible with eachother. If you install something from a default Ubuntu repository, you can be certain all of it's dependencies will also be there, and be the right version. Adding more repositories in Ubuntu is as trivial as adding a URL to the end of a list. One line, nothing complicated. In the past three years, I have never had a serious problem with package management, no matter how many third party repositories I've added.

If having the latest version of a program is more important than having the tested version in the repositories, often you'll find the developers have already packaged it and it just hasn't been accepted into the official repositories yet. I normally add the repository of a program I like to keep up to date (like WINE), and then keeping it up to date is exactly the same as keeping any other program up to date. The same update tool is used, it shows up in your list of updates right next to everything else. It's virtually seamless.

Package management in Linux isn't perfect, I'll admit, but in my opinion it is better over-all compared to OS X's and Windows' software installation.

Reply Score: 4

lemur2 Member since:
2007-02-17

There's a reason there are so many different repositories. Every major Linux distribution keeps their own repositories which only contain software and libraries that are tested and known to work and be compatible with eachother. If you install something from a default Ubuntu repository, you can be certain all of it's dependencies will also be there, and be the right version. Adding more repositories in Ubuntu is as trivial as adding a URL to the end of a list. One line, nothing complicated. In the past three years, I have never had a serious problem with package management, no matter how many third party repositories I've added. If having the latest version of a program is more important than having the tested version in the repositories, often you'll find the developers have already packaged it and it just hasn't been accepted into the official repositories yet. I normally add the repository of a program I like to keep up to date (like WINE), and then keeping it up to date is exactly the same as keeping any other program up to date. The same update tool is used, it shows up in your list of updates right next to everything else. It's virtually seamless. Package management in Linux isn't perfect, I'll admit, but in my opinion it is better over-all compared to OS X's and Windows' software installation.


There is a third option that you seem to have missed that uses the package management system, guarantees it will work if you choose the correct source, and does not require you to add extra repositories to your repository list.

An good example of this other "repository-less" method of installing packages for Linux that I speak of can be found here:

http://www.getdeb.net/

Reply Score: 6

Moredhas Member since:
2008-04-10

I use Getdeb when I'm feeling lazy, and only if the version on Getdeb is the latest version of the program I want. Otherwise, I compile from source; but that's a rare occurrence for me too.

Reply Score: 1

lemur2 Member since:
2007-02-17

It's still a valid point. Its not like there is one central repository for all linux programs, there are hundreds, all with different content, different levels of quality, and different levels of compatibility with each other. Its not hard to get into alot of trouble as soon as you venture out of whatever distro specific repository you should be using for everything.


I'd dispute that. Package managers these days have very good checks for dependencies, and very good algorithms for resolving them.

If there is no solution to install a given package, then the package manager won't install it.

Where is the path that would "get you into a lot of trouble"?

Reply Score: 4

google_ninja Member since:
2006-02-05

In all the years I have used linux it happened three times with fedora and once with ubuntu, once with debian that the package manager ended up getting borked in some way to the point where I couldn't add or remove packages.

With fedora it was because I kept adding third party repos that were compatible with fedora, but not compatible with each other, and had overlapping packages. Both times with debian it was because I was installing debs pulled from somewhere other then the debian repos (once it was from a friend, once off of a website)

Its not like this is a pandemic, at least not since the rise of ubuntu (the debian repos IMO are top knotch and fairly comprehensive). but it does happen every once in awhile, and when it does it is a real problem, especially for a newbie linux user.

Reply Score: 2

jabbotts Member since:
2007-09-06

It's rare that one would need to venture outside the distributions repositories in the first place. Mandriva includes everything I need for a desktop with bleeding edge program versions. Debian's repositories are an even larger software libary to choose from. The only thing I need outside of those two sources is VMware Server which is completely painless to install from tarball with it's own installer; server software requiring some typing during installation is not an issue for me though.

Reply Score: 3

Soulbender Member since:
2005-08-18

Do you seriously think Windows consumers care if something that makes things easier for them makes things a bit harder for the developer? Hint: No.

Reply Score: 6

Ford Prefect Member since:
2006-01-16

The most pain-in-the-ass platform to develop for in the long run was always Windows (although MS has really good developer tools). So your answer is wrong, it is obviously "yes".

And btw. I developed applications for GNU/Linux. I provided the source online, nothing more. Others packaged it. Result: It is part of official Debian and Ubuntu repositories. It is part of official and inofficial ArchLinux repositories. There are Gentoo packages. There are some "generic" packages to be found on the internet as well.... In the end, almost every Linux user can use my software and all I did was to provide the source code in a standard way (autotools).

I don't even have to compile it for them or build an installer. Still every one of my happy users can install and uninstall it easily.

So whoever invented that crap about "Linux is bad for developers": Talk to the hand. It is crap. If you stay to the rules, it is the best platform to develop for. Lots of free libraries to use and you don't have to ship them yourself, etc. pp. Make it run on your system and (stay by the rules!) it will work on every system, even _future_ ones. (People in Ubuntu once introduced a patch to my program to make it compile with their new GCC version -- I had to do nothing for that).

As soon as you don't want to give away the source code it gets harder -- but still (imho, ymmw) not harder than Windows.

Reply Score: 8

Soulbender Member since:
2005-08-18

Why are they developing for Windows then. Win32 isn't exactly a smooth ride.
Certainly there needs to be incentives but package management has very little to do with if someone is going to write an app for Linux or not.

Edited 2008-12-16 10:28 UTC

Reply Score: 4

Jokel Member since:
2006-06-01

Don't exaggerate will you?

There are in general three kind of files the program writers have to supply:

rpm - Redhat package manager files.
deb - Debian package files.
tgz - tarball file.

The rpm and deb files are only in essence the program files with a list of standard locations and dependencies that have to be resolved by the distro's package manager. Nothing more, nothing less. The program makers don't have to supply their program for all variations and tastes of distributions. The program writers only have to sum up what dependencies.

It's the task of the distribution makers to make sure the application runs on their specific ditribution. If the standard package won't run, those distro makers have to compile and package it themselves.

So - please stop spreading the stupid myth the program writers have to supply their program for all tastes of Linux distributions. This is simply not the case...

Okay?

Reply Score: 9

zelrik Member since:
2008-02-16

I agree with that, and while they are many different distributions, only a few are worth a try for beginners :

Ubuntu or one of the many flavors of it (Then Debian if you want to go further)
OpenSuse
Mandriva

Fedora is a bit more technical and I think the rest are outliars, by this I mean : wouldnt be as fun for beginners.

If anybody can think of any other popular one, let me know.

Reply Score: 2

chris_dk Member since:
2005-07-12

Don't exaggerate will you?



Spread knowledge, not misinformation.


It's the task of the distribution makers to make sure the application runs on their specific ditribution. If the standard package won't run, those distro makers have to compile and package it themselves.


which is why, eg. the abiword developers are saying that it is easier to deploy on Windows than Linux and users constantly complain because they are using the old version.

So you are hurting developers and users.


So - please stop spreading the stupid myth the program writers have to supply their program for all tastes of Linux distributions. This is simply not the case...

Okay?


Yes, they have if they want to make it easy for their users. Just look at skype, flash, pidgin etc. and tell me they have a single version.

Pidgin:

Windows
Fedora
CentOS / RHEL
MacOSX

Notice two different linux versions.

Skype:

11 (!) different Linux versions.

Only Linux users would say this is an advantage!

Stop spreading the myth you can always get the latest version from your distro and that developers don't have to do a thing.

Reply Score: 5

callinyouin Member since:
2008-12-15

As far as software developers having to release different binaries for different flavors of Linux, I really think that is a moot point. Here's why:
They can release the source (.tar.gz) package and possibly one or two of the popular binary packages (rpm, deb) IF THEY WANT. In the case that they don't release anything besides a source package the developers/maintainers of each independent distribution can create the packages themselves, which is often what happens. I mean, who better than the developers of the distribution to package something for their own distribution?
So, while the task of packaging has to be done by someone, at least that task does not have to be placed on the shoulders of the application/whatever developer(s).

Reply Score: 2

Jokel Member since:
2006-06-01

Sigh...

This is NO proof. If the developers want to make packages for several distro's that's fine...

However.....

They don't HAVE to do it. They are not forced to do it and they don't need to do it. You see - all they have to do is just give the tarrball with the source code. That's the reason there are distro's and distro-builders. They do the job of fitting the application in the distro...

Yeah - and people complaining. There are always people complaining. I tell you a big secret - even developers of windows applications get complaints their software is not working. An that's only one platform so their should not be a problem at all (using your logic). Amazing huh?

Keep the application version up to date is also a job of the distro builders. Most times they will test the new version before bringing it to their platform. And that is the right way to do it. Why should I want the latest version right now if I can get a tested and packaged version a few day's later. What's the hurry?

Now when it comes to closed source code it is a bit of a different story. Most times the developers just give a standard package with pre-coded pieces inside. No source code here. Maya for Linux is a good example of this. Problem? ... No! You see - there is a common set of minimal parameters every Linux distro has. By building Maya against these common parameters the developers can be sure it works on most distro's. Maya works on Redhat, CentOS, Mandriva SUSE and a lot of other distro's. All use the same standard rpm package. No problem at all...

I agree a package manager would not work on a Windows platform, but it is doing a great job on a Linux platform.

Reply Score: 5

lemur2 Member since:
2007-02-17

You moan about all these 1000 different ways. What you seem to forget is that every single user only needs his very one single way for his distro. You seem to forget that it's a pain to distribute an application for each possible way that each distro can manage packages. Windows doesn't have that problem. Each different Linux distro is like a completely different platform because of the community's inability to decide on anything.


For FOSS code this is not a problem. Each distribution will take your source code, compile it with options compatible with that distribution, package it and include it in their repositories. As the author you don't have to do anything at all ... others will help here.

For commercial closed-source code, you are fighting an uphill battle to get that application accepted on Linux anyway. People will nearly always choose an open source equivalent. But even then, if you really want to have a go at a closed-source single-supplier-only application for Linux, then if you follow the LSB API for interfacing to the desktop you then need only really compile your code once and package it in two ways ... as a .deb package and also as an .rpm package ... and you have most Linux system covered.

It is not that hard. Plenty of projects do this.

http://download.openoffice.org/other.html#en-US

Reply Score: 3

jabbotts Member since:
2007-09-06

funny, the distribution maintainers seem to do ok managing additions. It's not like Mozilla has to provide a package for every distribution, just the tarball; the basic universal package. Each distribution then chooses to include it through there own manager.. or not.

But, I suspect we're already way over your head on this one.

Reply Score: 4

Liquidator Member since:
2007-03-04

I hear you... Some have tried and have thrown the towel, for lack of time but also for obvious lack of interest from the community (http://winpackman.org).

On the other hand, PC-BSD has thought the other way around and wondered "What if we used a strong Unix system as a base for our OS and integrated an intuitive Windows-like software management system, something anyone could use right away?".

The result is here: http://bsdstats.org - The basic difference between PC-BSD and DesktopBSD is the way they handle software. Over the same period of time, PC-BSD has gained more than 10 times more users, and PC-BSD itself gathers 3/4 of all BSD users.

The Linux way of managing packages is great, has undeniable advantages, but it is not what regular users want, sadly (or fortunately).

Reply Score: 2

dcwrwrfhndz Member since:
2006-05-26

The result is here: http://bsdstats.org

You can't rely on bsdstats to compare the various BSDs as PC-BSD has bsdstats enabled by default.
Or do you think that, as example, there are less than 6000 boxes running FreeBSD or just 5 in Canada running OpenBSD?

Reply Score: 7

Liquidator Member since:
2007-03-04

I didn't know about that. This alone calls the veracity of BSDStats data into question.

Reply Score: 2

Moulinneuf Member since:
2005-07-06

No , since the problem is you and your point. Not the data veracity. BSDstats show stats about what people who use the software does nothing more.

"This sample represents users of the given BSD operating systems that opted in to install a data collection program. It is not representative in any way of the total population of users/installations of the given BSD operating systems.

More specifically, we are trying to demonstrate to hardware and software vendors out there that *BSD should be viewed as a serious operating system, not just as a hobbyist system, for support (ie. hardware drivers) purposes."

Do you really think that 28,170 user's is showing anything ? Vendor want 100k paying customers minimum.

Reply Score: 2

Liquidator Member since:
2007-03-04

the problem is you and your point.


Which of my point do you disagree with and why?

It is not representative in any way of the total population of users/installations of the given BSD operating systems.


So this comes from the BSDStats website. It clearly means the veracity of information is to be taken with a pinch of salt. Don't you think so?

Vendor want 100k paying customers minimum.


Where did you pick this information? Sounds like you made that up. I'd like to know the threshold for Adobe to decide to finance development of their software on the Unix-based platforms (except OS X). It's definitely a lot, lot more than a hundred thousand users.

Reply Score: 3

Gone fishing Member since:
2006-02-22

When I run Widows update, Windows updates - plus some of the bundled software (WMP etc) - if I have a big hole in my security because of a third part app or driver tough. In Ubuntu when I click update - everything - the OS and everything I’ve installed through Synaptic is updated.

The 10,000 ways is a red herring in Ubuntu I can use synaptic or apt, Red Hat, Slackware etc are different OSes as is OSX RISCOS etc.

Reply Score: 5

Wine-Doors is coming to Windows.
by andy_js on Mon 15th Dec 2008 15:29 UTC
andy_js
Member since:
2008-02-29

I'm one of the developers of a package manager for WINE called Wine-Doors.

We will be bringing Wine-Doors over to Windows and Mac OSX with version 0.2 (Currently it only works on Linux/BSD/Solaris).

Wine-Doors handles installation, removal and upgrade of packages, and resolves dependencies.

Future versions will also handle creation and submission of packages too, so you wont have to wait for us to put together packages.

PS: Gobolinux allows you to submit packages in a similar way. So the argument about having to wait for distributors to put together packages is not always true anymore.

Reply Score: 9

Temcat Member since:
2005-10-18

Wow, cool news!

Reply Score: 2

Windows has needed this for a long time
by bannor99 on Mon 15th Dec 2008 15:32 UTC
bannor99
Member since:
2005-09-15

I've used several 3rd party Windows install / uninstall
programs and have always been astonished by how primitive they are compared to what's available on the free Unices.

Reply Score: 4

fithisux Member since:
2006-01-22

Me too. Totally prehistoric. Unix/Linux/BSd are lightyears ahead in this respect.

Reply Score: 2

morglum666
Member since:
2005-07-06

I have personally intentionally always thought the windows management of updates was the most simple and ideal model.

I have never enjoyed the endless updates intermixing OS updates with applications on linux. The core of my experience is having a responsive OS, not upgrading from text_tool.0.0.1 to text_tool.0.0.2. When you mix application updates with operating system updates, all you really create is an unstable mess.

If you'd like to complicate it further, and linux offers this option, you can inter-mingle repositories of different status's like GA, beta, all intertwined. Apparently this is "Software freedom" - sounds more like software nightmare to me.

I do dislike how many applications in windows attempt their own update, or even worse try to slip in entirely new software packages (Safari, for quicktime users comes to mind) - but that is something I can control.

There are a core group of users, administrators, IT folk who like to run minimalistic systems. Sometimes I think the OS community assumes that we will run something new like linux, but if windows works for you (and it does for me), I would also like to keep that minimalistic, well controlled experience.

And no, I do not have vista installed. ;)

Have a great holiday season

Morglum

Reply Score: 3

fretinator Member since:
2005-07-06

It's like they say, "the sum of the parts is greater than the hole". ;}

Reply Score: 4

UltraZelda64 Member since:
2006-12-05

The thing I like about Windows application management is that it's just a single file (installer) containing everything you need. Just run it and install, including required .dlls. Don't like how the new version ended up? Simple, don't download the new installer, and keep running the old version instead. And with Windows' backward- and forward-compatibility, just about any .exe you can find is likely to work.

The downsides? Being forced to "agree" to stupid EULAs for every damn thing you attempt to install, programs' installers are designed to "take over" in some cases by registering them with every file type imaginable--BY DEFAULT (spending two minutes to uncheck 50 checkboxes is never fun), programs enable useless services by default, spyware and malware, toolbars, and various other crap people contaminate their installers with to generate money... In general, you just have to pay extra attention, because Windows installers try every trick in the book these days, and they all work differently and have different defaults.

In Linux, the biggest problems tend to be the number of packages in the distro's repository and packages that are not well maintained. SeaMonkey is one of the prime annoyances because, being a Web browser, you certainly don't want to lag behind in updates... and if bugs you any time you start it that it's out of date. I have also added unofficial repos for Transmission (for more features) and Wine (for better compatibility), and have occasionally had to compile a program when all else fails. Truly disappointing. One of the other things I don't like is how as soon as a new version of a program comes out, the old one usually disappears. Sure, it simplifies things, but there's a chance a new version does things I don't want.

Still, having a one-stop location to download packages an updates is nice, and it greatly simplifies setting a system up. But it's only as good as the repositories and the package manager itself are.

Reply Score: 2

bannor99 Member since:
2005-09-15

Can anyone tell me how to uninstall multiple Windows apps at one time, that is, to have them uninstall one after the other without me being prompted or having to go back to Add/Remove Programs multiple times?

In most of the free Unixes I've tried, you simply select the programs ( if they were installed using the default package manager) and click Uninstall and walk away.

Reply Score: 3

lemur2 Member since:
2007-02-17

The core of my experience is having a responsive OS, not upgrading from text_tool.0.0.1 to text_tool.0.0.2. When you mix application updates with operating system updates, all you really create is an unstable mess.

If you'd like to complicate it further, and linux offers this option, you can inter-mingle repositories of different status's like GA, beta, all intertwined. Apparently this is "Software freedom" - sounds more like software nightmare to me.


Obviously you have never really used a Linux package management system.

The package management system resolves dependencies and incompatibilities, not creates them.

Reply Score: 5

mabhatter Member since:
2005-07-17

Windows is hell on a a long term install. What most IT people want is a standardized place to put programs and a standardized way to uninstall them properly. Like a super-Add Remove Programs. Ideally, every Windows software should be shipping as an .msi, just like Apple has .app. An msi file has manifests, contents list, versions and everything. It's designed to tie right in to Add Remove Programs... but NOBODY uses it properly, not even Microsoft. The only software Microsoft releases with proper formatting is IT related stuff.

What people want is to turn "Program Files" into a dropping place for msi packages, then use Add Remove to properly install/uninstall from that directory. You'd always know EXACTLY what was on your system, making spyware that much harder. You'd be able to back up really quickly. If you were clever, you'd even put some kind of "phone home" url in the packages to check at microsoft or at the ISV for updates and pop a flag if one is available. Microsoft has the tools right now.. they choose not to push the issue.

Reply Score: 4

and the answer is ...
by krom on Mon 15th Dec 2008 15:49 UTC
krom
Member since:
2006-09-29

... why bother?

Reply Score: 2

Offline installation
by edogawaconan on Mon 15th Dec 2008 15:52 UTC
edogawaconan
Member since:
2006-10-10

Is something I find difficult on Linux.

Too bad PC-BSD chooses KDE or I'll be happily using it.

Reply Score: 1

RE: Offline installation
by mksoft on Mon 15th Dec 2008 20:08 UTC in reply to "Offline installation"
mksoft Member since:
2006-02-25
RE: Offline installation
by pixel8r on Wed 17th Dec 2008 03:34 UTC in reply to "Offline installation"
pixel8r Member since:
2007-08-11

Is something I find difficult on Linux.

Too bad PC-BSD chooses KDE or I'll be happily using it.


If file is on CD:
1. Insert CD.
2. When folder pops up (depending how your system is configured - you may have to even navigate to your CD directory), double click RPM file (or DEB etc).
<same as online installation from here>

If file is on HD:
1. Double click RPM file (or DEB etc).
<same as online installation from here>

That wasn't too hard now was it?

Reply Score: 1

And who is the top-listed application?
by MacTO on Mon 15th Dec 2008 15:56 UTC
MacTO
Member since:
2006-09-21

One of the nice things about the open source package managers is that they pretty much treat all software as equals. Or if they aren't equals, it is because an application isn't deemed as ready for the main repository based upon technical or legal issues.

The world of commercial software doesn't work like that. Every vendor wants to see their product get the best shelf space, even if it isn't the best product. In order to achieve this goal, they are quite willing to pay for that shelf space.

So Microsoft's would sorta be stuck in a quandray if they set up a Linux like package manager. Who gets the top spot if someone searches for CADD software? Okay, maybe that's an easy one. The company that pays for the top spot gets that top spot. Now what if a user was searching for a word processor? You know very well who Microsoft wants on the top. You also know very well that the lawyers at Microsoft's competitors are going to be reading a few anti-trust cases. In other words, it's a no-win for Microsoft.

It is also a no-win for the consumer. If Microsoft set up a package manager, it would pretty much be the one stop and only stop that most people make while looking for software. It would be dead simple for a vendor to buy their way to the top of the list because there would only be one list that really matters. They may not earn. Not everyone is going to jump at a product because of that, but you can bet a greater portion of the unwashed masses would.

Now a unified update manager is a different story. That would probably work.

Reply Score: 6

My 2 cents
by DrillSgt on Mon 15th Dec 2008 15:58 UTC
DrillSgt
Member since:
2005-12-02

Does it *need* it? no. Would it be helpful? *Very*.

There was a program back in the 90's called Cybermedia Oil Change. This was a subscription based service. The software that you loaded on the system checked for updates. You got to choose which ones and either installed them or not. The key factor is it checked for updates for each program and driver you had installed on the system. It worked smoothly and flawlessly, and worked like many of the Linux update managers. The company was purchased by McAffee, and subsequently killed off after a very short time. The subscription fee was $30/year or so, and was well spent. Basically you were paying someone else to keep up on all the patches, as Oil Change would update it's list of repositories and patches when launched. It could also be set to auto-update if one so desired, which I think auto updating is evil, but that is another discussion. I used it on Windows 95, and I no longer had to search for patches manually. It updated drivers, productivity software, games, you name it. All through one simple to use interface. My take is this idea was just way before it's time. It existed at a time when less than half of the US for example had broadband internet connection to houses. Of course a product would be killed off, as it would not have been deemed as profitable.

In short, yes it can be done, and it has been done. The benefit was great, and the benefit would be great again. The biggest issue if we wrote an OSS version of something like that, is who would maintain the links to all the software packages vendors, hardware sites to make sure only the latest patches were sent out? It may sound easy, however it gets immensely more complicated when the actual repositories are out of your control.

Reply Score: 3

hmmm..so why..
by zelrik on Mon 15th Dec 2008 15:59 UTC
zelrik
Member since:
2008-02-16

Why people write stuff they dont have a clue about. The repositories ARE NOT limited by the provider of the distribution for Linux. There are PPA's (Personnal Package Archives) from where you can get more bleeding edge versions of your softwares. Those PPA are basically 3rd party repositories and their use is more than trivial. Of course for Linux, some softwares are more or less available in PPA's depending on how popular and complete they are and THAT IS FINE. Who wants to install a 0.3 beta anyway but a beta-tester?... Do you guys ever install Beta's coming from microsoft? No because they dont even release them.

Edited 2008-12-15 15:59 UTC

Reply Score: 5

RE: hmmm..so why..
by lemur2 on Mon 15th Dec 2008 22:35 UTC in reply to "hmmm..so why.."
lemur2 Member since:
2007-02-17

Why people write stuff they dont have a clue about. The repositories ARE NOT limited by the provider of the distribution for Linux. There are PPA's (Personnal Package Archives) from where you can get more bleeding edge versions of your softwares. Those PPA are basically 3rd party repositories and their use is more than trivial. Of course for Linux, some softwares are more or less available in PPA's depending on how popular and complete they are and THAT IS FINE. Who wants to install a 0.3 beta anyway but a beta-tester?... Do you guys ever install Beta's coming from microsoft? No because they dont even release them.


You don't even require a repository in order to use the Linux package managers. All you need is a downloadable package file. Typical formats are .deb and .rpm.

For example ... download a .deb package file, save it somewhere, open the file manager, navigate to where you saved it, and then double-click the .deb file.

Normally ... a program similar to this will run ...

http://en.wikipedia.org/wiki/Gdebi
http://en.wikipedia.org/wiki/File:Gdebi.png

Note how it will find and install from normal repositories any other dependencies of the .deb package that you do not already have installed.

(for KDE there is a similar applet for adept).

Reply Score: 3

RE[2]: hmmm..so why..
by Thom_Holwerda on Tue 16th Dec 2008 01:00 UTC in reply to "RE: hmmm..so why.."
Thom_Holwerda Member since:
2005-06-29

You don't even require a repository in order to use the Linux package managers. All you need is a downloadable package file. Typical formats are .deb and .rpm.

For example ... download a .deb package file, save it somewhere, open the file manager, navigate to where you saved it, and then double-click the .deb file.


...after which the package manager will check the... repositories for dependencies. In other words, no matter what you do, you still need repositories. If you've downloaded a .deb, saved it for later, and then you try to install it when you're offline (a common situation for me, I travel a lot), you're fcuked. Great system, yeah.

Anyway, most of you have completely missed the point. You are arguing over which method is the best, while to me, that sounds like debating what method of suicide you'd prefer.

When will you people get it into your heads that no matter the platform today, software management is a damn pain in the ass, it's never intuitive, it's never easy, always filled with caveats, and in general a sub-optimal, medieval experience.

Reply Score: 1

RE[3]: hmmm..so why..
by lemur2 on Tue 16th Dec 2008 02:05 UTC in reply to "RE[2]: hmmm..so why.."
lemur2 Member since:
2007-02-17

"You don't even require a repository in order to use the Linux package managers. All you need is a downloadable package file. Typical formats are .deb and .rpm. For example ... download a .deb package file, save it somewhere, open the file manager, navigate to where you saved it, and then double-click the .deb file.
...after which the package manager will check the... repositories for dependencies. In other words, no matter what you do, you still need repositories. If you've downloaded a .deb, saved it for later, and then you try to install it when you're offline (a common situation for me, I travel a lot), you're fcuked. "

Well, there is of course a way to work offline as well.

Point your package manager at the repository directory of the install DVD, and carry that DVD with you when off-line.

Ubuntu (? ... perhaps this was Mandriva?) nowadays will even allow you to copy the install DVD repository packages on to the hard disk, so if you have a reasonable size hard disk then you don't even need to carry the install DVD around with you.

If you have a need to work offline often, and anticipate that you may wish to install something later while offline, there is no need at all to get yourself "fcuked" (sic) at all.

Just because one has no chance at all to do this type of thing in Windows doesn't mean that there is no solution for a decent OS.

PS: I have to say Thom, your complaint seems quite contrived. Why would you download something and then not take the extra few seconds to install it then and there, while you were still online?

If I wasn't as generous, I might even be inclined to think you were actively trying to come up with a contrived situation where something about package management wasn't satisfactory.

Edited 2008-12-16 02:15 UTC

Reply Score: 5

RE: hmmm..so why..
by mabhatter on Tue 16th Dec 2008 06:03 UTC in reply to "hmmm..so why.."
mabhatter Member since:
2005-07-17

I'd agree, author doesn't know what he's saying. If you look at the typical Ubuntu install they give you half a dozen repositories to install from and you can turn them on and off. You can even add third party repositories like the famous PLF (penguin liberation front) or Automatix and the package manager software takes all the versions into account when installing software. Remove a repo and all the software versions (at least try) to drop back to the next level you have installed. It's not perfect, it still works on scripts, not working with the actual system you have, but it's way better than the other guys.

Reply Score: 3

RE[2]: hmmm..so why..
by lemur2 on Tue 16th Dec 2008 07:31 UTC in reply to "RE: hmmm..so why.."
lemur2 Member since:
2007-02-17

I'd agree, author doesn't know what he's saying. If you look at the typical Ubuntu install they give you half a dozen repositories to install from and you can turn them on and off. You can even add third party repositories like the famous PLF (penguin liberation front) or Automatix and the package manager software takes all the versions into account when installing software.


Just a couple of quibbles.

PLF is for mandriva. The Ubuntu equivalent is Medibuntu.

http://www.medibuntu.org/

If you include the medibuntu repository in your apt sources, and add the medibuntu key (which AFAIK should be OK if you are not resident in the US), then it will become a well-integrated part of the package management system, with updates and every good feature.

Automatix essentially provides a similar service to Medibuntu, but it does so outside of the Ubuntu package management system. Not recommended.

Edited 2008-12-16 07:35 UTC

Reply Score: 3

v lol give me a break
by neozeed on Mon 15th Dec 2008 16:07 UTC
System Tray....
by apoclypse on Mon 15th Dec 2008 16:08 UTC
apoclypse
Member since:
2007-02-17

Another issue is that because of the non centralized way of installing and updating apps in Windows, you have companies like Adobe and Sun putting things into your system tray just to update their apps. The System Tray, a place which is already scarce of real-estate is actively used by companies in-order to automatically update their applications and no one elses. In Linux, centralized package management means that the system handles the updates, usually with one system tray icon and a separate windows showing you all the applications that need updating. If you install Adobe reader, Flash, JRE in say Ubuntu you are not going to get three system tray icons all asking you to update, they get updated by Ubuntu's update manager.

Sure, this depends quite a bit on the distro maker, but it doesn't have to. Most of the package managers in Linux allow for 3rd party repos. With Windows this would be much easier to support if MS allowed for third party vendors to add their repositories to MS update functionality. Adobe already has an installer that ha to download the full file from their own repo, basically all these 3rd party companies have to do is create an installer with the repo info, have the user install the file and ask for the gpg or whatever certification MS wants to use and all the installer script does is add the repo to the package manager download the actual binary and install. It could be seemless for users. Like Ubuntu you can still install full packages you download (the package manager would usually check dependencies at this point but that is not as important in Windows or OSX due to the way they package things).

BTW, Apple's iphone package manager is pretty good and it does update all apps on your iphone, but then again Apple controls all of the distribution of the apps in the appstore, which I'm sure they would love to do on OSX.

The only real issue, which even Ubuntu hasn't gotten down yet, is copy protection for commercial apps. Again with windows and OSX this is a much easier to cope with than with Linux. One solution is to do what Adobe did with theirs, which is to ask for the activation key when you first start the application as opposed to when you first install the application.

Reply Score: 4

Wrong question
by Soulbender on Mon 15th Dec 2008 16:12 UTC
Soulbender
Member since:
2005-08-18

"Does Windows need a package manager" is not a relevant question. Personally I don't much like how software management work on Windows but hey, I've made my choice not to use Windows. Obviously what there is is sufficient to keep most people happy so far. The question is if enough people who uses Windows want one. If you build it they will come, providing there's a need for what you built. Don't talk about it, code it.

You could even argue that Windows does have one already, Windows Installer. Granted it doesn't handle automatic updates and such but neither does Slackware's package system.

Reply Score: 3

v Needing a package manager is a flaw
by theosib on Mon 15th Dec 2008 16:34 UTC
Thom_Holwerda Member since:
2005-06-29

I agree that MacOS should have a centralized update system. Oh, wait. It does. It's called "Software Update..." The only problem is that far too many apps don't take advantage of that. They should.


NO application other than Apple's own make use of Softwsre Update because... Software Update is closed. It's Apple-only.

Reply Score: 2

theosib Member since:
2006-03-02

Well, that would be stupidity on the part of Apple. I generally like Apple and their hardware and their OS. But they do a lot of stupid things.

Reply Score: 1

zelrik Member since:
2008-02-16

That 'flaw' has been f--king useful to be honest. I do remember people installing software anywhere on their Windows and losing track of them. Linux IS more organized that any OS I have seen so far (which isnt hard I admit). Also for the upgrades... ubuntu does it right or almost as a far as I know, I had no issue at all upgrading from 8.04 to 8.10. I couldnt say the same for upgrading from XP to Vista. Linux might have flows but man seriously... the package manager is a MS-killer.

Reply Score: 3

eldarion Member since:
2008-12-15

Manually uninstalling an app in Linux is a nightmare because the parts are in unpredictable places with unintuitive names.

And why would you manually uninstall apps on Linux? It makes no sense at all. If i uninstall an app with my package manager, i just need to do “pacman -R <package_name>”. I can easly see all the files that were installed with “pacman -Ql <package_name>”. If i really want to install apps from the source code (and don't what to use “makepkg”), i just need to do “make uninstall” to uninstall them. Done.

What MacOS does right is bundle all parts of an app together under one directory

I think that's a mess.... having libs, execs, text files, etc... all on the same folder. So, you see... it all depends on point of view.

Upgrades in Linux are a nightmare, because none of the package managers have any clue about how you merge your config file changes with the additions to the config file that come with the update

I speak for myself when i say that i haven't that kind of problem. My package manager don't overwrite config files. If they need to be installed, it just copy the new config files with “.pacnew” extension.

(and believe me, those package managers break).

Humm.... ok, i belive you! lol.

Edited 2008-12-15 21:11 UTC

Reply Score: 4

theosib Member since:
2006-03-02

One case where you would manually uninstall a package is if you have to build and install it yourself manually. This happens when the package you want isn't available in the repository and isn't available anywhere as a .deb or .rpm or whatever. I understand that there are some tools that'll turn an auto-conf package into a .deb, but as you can see as you go along, it gets ever more complex as yo have to learn to use more tools.

Also, upgrade hell, with dependencies breaking and config files getting munged is why I quit using Gentoo. My system just got to be so completely hosed I couldn't use it. With Ubuntu, at least it doesn't take nearly so long to wipe out and reinstall your whole system.

Reply Score: 1

Jokel Member since:
2006-06-01

Well - if only the source code is available it is still possible to use the package management system.

You just do a ./config and make like you are used to do, but in stead of doing a last "make install" you use the command 'checkinstall'. This command builds a package (rpm or deb - depending on your system), and this package can be used by your package manager.

This reduces the risk you end up with a not-working and installed program. You just use the package manager again to uninstall the non-cooperative program, and it is fully removed. No loose ends and no orphan files.

The only drawback is that you can use the generated rpm or deb package on your system only. On the other hand - most applications you have to compile by hand are most times specially adapted for your needs (otherwise you would be using a general package).

Most distro's have checkinstall in their repository's, so there is no reason why you should not use it.

Reply Score: 2

abraxas Member since:
2005-07-07

Also, upgrade hell, with dependencies breaking and config files getting munged is why I quit using Gentoo. My system just got to be so completely hosed I couldn't use it.


Gentoo didn't munge your config files, you did. There are tools to properly update your config files if options or formats have changed but if you decide to just overwrite all your existing configs that's your fault just like clicking "ok" on any window that pops up on Windows just so you can get rid of it.

Reply Score: 5

lemur2 Member since:
2007-02-17

Mostly you either just lose your changes or break the software due to missing updates to the config file.


I dispute this also. I have been updating packages for quite a few years now using package managers. Neraly always there is a default config file for the appliaction included in the package file (for people who are installing it for the first time). The package manager always notices the new default config file and the existing one, it will ask which version to use (default is to keep the old version), it can display the differences between the new default and the existing config file on the fly before you answer this question, and new versions of applications which change the config file format ALWYS retain the capability to read the older format and change it to the newer one.

Never once, in the hundreds of hundreds of times I have update applications using package managers, have I ever lost any configuration.

Not once.

Reply Score: 5

Yes, kinda
by joshv on Mon 15th Dec 2008 16:36 UTC
joshv
Member since:
2006-03-18

I don't want package management - I want a better OS managed install and update mechanism. Additionally I want application installs to be entirely self-contained and moveable.

1. Apps come in a self-contained, self-describing package.

2. OS installs apps as described by the package - app installation can't write to any place not described in the package.

3. OS periodically checks for updates at a URL provided in the package.

4. OS allows you to move the app to another location (from c:\program files to e:\myapps for example) - or to uninstall and create a new package file that preserves settings, and is re-installable on another machine.

Reply Score: 5

Comment by F_u_X
by F_u_X on Mon 15th Dec 2008 16:42 UTC
F_u_X
Member since:
2007-10-15

For this package manager to be as effective as it is on its Linux counterparts (Debian/Redhat/Suse), it basically would have to offer the same functionalty as its counterparts.

I think that Microsoft would have to open its package manager to other software vendors as well (Sun with Openoffice for instance ;) ).

Furthermore, I think that Microsoft would have to actively cooperate with everybody that wants to release packages (open-office, pidgin etc..) by means of this system.

Without Microsoft's active cooporation in developing and maintaining a package manager for Windows (that has the same features as for instance apt-get / yast) such a project is doomed to failure, if you ask me..

There probably are a lot of other reasons for Microsoft not to develop/support/advertize said Package Manager, but I think the "opening up" and the "providing non-Microsoft software to Microsoft customers" requirements are enough to give Steve Balmer a heart attack on their own.

Besides, isn't Windows Update already some sort of Package Manager (for Windows, Office etc)? It doesn't let you install anything, but it kind of does its job of keeping your software up-to-date (most of the time... try googling for "windows update problem")

Reply Score: 3

The short answer
by Googol on Mon 15th Dec 2008 16:52 UTC
Googol
Member since:
2006-11-24

Microsoft is NOT a distributor. Now there's a point ;)

Reply Score: 3

Never happen
by fretinator on Mon 15th Dec 2008 17:09 UTC
fretinator
Member since:
2005-07-06

Windows and Mac are different eco-systems. They will never have central repositories. The only reason that Linux (and others) can implement repositories is due to the nature of Free Software. There is absolutely no way the OS company (Apple, MS) and all of the 3rd-party vendors would even be able to come together to collaborate on something like central repositories. There is too much at stake for these companies. They are heavily invested in secrecy, and proprietary technology - including even the update process itself! Many companies charge for updates, and certainly would want to heavily control the security and availability of these updates.

While it may be theoretically possible, it just isn't going to happen.

Reply Score: 3

Sourceforge
by robojerk on Mon 15th Dec 2008 17:13 UTC
robojerk
Member since:
2006-01-10

I really wish there was a Sourceforge updater. I use a lot of programs from there (Notepad++, 7-Zip, FDM, Mediacoder, etc). If it worked similar to the Apple Software Updater that would be cool.

Reply Score: 2

Never Happen
by BluenoseJake on Mon 15th Dec 2008 17:26 UTC
BluenoseJake
Member since:
2005-08-11

Proprietary software companies are not going to allow MS to distribute their software, it's that simple. Adobe isn't going to allow MS to provide Photoshop, or any other app. It makes no sense. It gives MS too much control.

And as far as a 3rd party building a package manager, good luck getting the 1000s of Windows App developers to sign on. it's just not doable, not with proprietary software. There are just too many cooks in the kitchen.

Reply Score: 3

RE: Never Happen
by ichi on Mon 15th Dec 2008 18:20 UTC in reply to "Never Happen"
ichi Member since:
2007-03-06

MS doesn't have to distribute anything, the point is having a package manager as a centralized tool to install and update software, not necessarily from repositories. There's no need to download photoshop if you already have the CDs.

Portage, gentoo's package manager, is able to install loads of propietary products and as far as I know no one has signed on anything.

And anyway, even if they were going for a repository based package manager they could set it up so MS didn't have to distribute anything, giving users the ability to add third party repositories (adobe, sun, blizzard...).

Reply Score: 3

RE[2]: Never Happen
by BluenoseJake on Mon 15th Dec 2008 21:10 UTC in reply to "RE: Never Happen"
BluenoseJake Member since:
2005-08-11

They aren't going to trust a third party anymore either. And adding repositories to a package manager is no easier than going to a website and clicking on the download button, or putting in that photoshop CD and clicking install.

There has to be some benefit to do something like this, and there isn't any, for anyone. Commercial software developers aren't going to sign on, it doesn't make life any easier for consumers, so what is the point?

Reply Score: 2

RE[3]: Never Happen
by _txf_ on Mon 15th Dec 2008 21:49 UTC in reply to "RE[2]: Never Happen"
_txf_ Member since:
2008-03-17

Microsoft could institute a "my way or the highway" . They certainly have the power to do so, and have attempted to before (UAC comes to mind). Whilst this has had mixed results, eventually developers will get the idea (however much they complain) and eventually in one or two windows releases nobody will be complaining anymore.

Apps that still refuse will eventually become an annoyance in the eyes of users who see an easy centralized system as opposed to having to dig through the web to find prog X for task X.

Reply Score: 2

RE[4]: Never Happen
by BluenoseJake on Mon 15th Dec 2008 22:08 UTC in reply to "RE[3]: Never Happen"
BluenoseJake Member since:
2005-08-11

Microsoft could institute a "my way or the highway" . They certainly have the power to do so


No. They would be attacked by every industry group, trade regulator, and western government for anti-trust violations.

It would be bloody, quick and painful.

Reply Score: 2

RE[5]: Never Happen
by ichi on Mon 15th Dec 2008 23:33 UTC in reply to "RE[4]: Never Happen"
ichi Member since:
2007-03-06

No. They would be attacked by every industry group, trade regulator, and western government for anti-trust violations.


Provide a well documented API so InstallShield and the likes can keep selling tools to produce custom pimped up packages with flashy screens, and leave a Windows release between adding the feature and the actual enforcement.

Who would complain? Other than those mentioned above, software developers wouldn't care less about the software packaging as long as it works, doesn't add any extra cost and is as easy to use as those being used before.

Reply Score: 2

RE[6]: Never Happen
by BluenoseJake on Tue 16th Dec 2008 10:48 UTC in reply to "RE[5]: Never Happen"
BluenoseJake Member since:
2005-08-11

Provide a well documented API so InstallShield and the likes can keep selling tools to produce custom pimped up packages with flashy screens, and leave a Windows release between adding the feature and the actual enforcement.


They already do, and companies like Adobe ignore it, what makes you think they'll fall in line with this?

It would take a very heavy hand from MS, and that would bring in the Anti-trust suits. It would never work.

Reply Score: 2

RE[3]: Never Happen
by ichi on Mon 15th Dec 2008 23:05 UTC in reply to "RE[2]: Never Happen"
ichi Member since:
2007-03-06

It's quite different than going to the website. Adding repositories means the package manager is now also able to not only install but also update and remove all that new software, everything from a single tool (sort of an "add/remove programs", only that consistent with what it's seems to be supposed to do).

For this to work though software should be all distributed using a standard installer (msi?) that the package manager can use. If they keep distributing random binary executables then that would be indeed not much better than the current situation.

If this was set up right it would be trivial to do stuff like finding what program some dll belongs to, or checking if a program would overwrite a existing library before installing.

Not that it's going to happen, but there would be advantages for the user.

Reply Score: 3

RE: Never Happen
by Doc Pain on Mon 15th Dec 2008 18:25 UTC in reply to "Never Happen"
Doc Pain Member since:
2006-10-08

Proprietary software companies are not going to allow MS to distribute their software, it's that simple. Adobe isn't going to allow MS to provide Photoshop, or any other app. It makes no sense. It gives MS too much control.


I think you're right - this is the providers' point of view.

Furthermore, the average "Windows" user is not familiar with having a kind of centralized software installation tool (allthough the "Add/Remove" facility in the "Control Panel" is helpful where the provided installers / deinstallers don't work correctly). Instead, the user is familiar with the concept of downloading applications directly from the web (primarily through means of search engines and linked pages that seem to offer what they're searching for). When the user searches a certain piece of software, he opens "Internet Explorer" and starts searching. It is that simple. Or they go to the local shop, buy a shiny colorful package and install the software from the DVD in the box.

And here the circle closes: It's completely illogical to assume all those providers of software - and I'm not mentioning only the big ones that make money with their products, keep considering that there's lots of freeware around the web for "Windows" - are willing to put their software into a MICROS~1 controlled software archive.

And as far as a 3rd party building a package manager, good luck getting the 1000s of Windows App developers to sign on. it's just not doable, not with proprietary software. There are just too many cooks in the kitchen.


Good summary. The only means I could imagine how MICROS~1 could force developers to put their software into a centralized kind of repository would be to disallow any software to run when it's not "certified" to have come from this repository. But I think that's impossible, too, because some clever guys will find a way to sneak behind this concept and to disable it, so you can run any software on "Windows" (mind all those warez, keygens, cracked products 'n stuff?). This is how software on "Windows" usually works, and its users seem to be completely happy with this concept.

My final thought, still, a kind of working (!) and almost complete (!) package managing system could be an advantage for "Windows". Just imagine it could be to install a certain set of applications from packages provided on a media, run in batch mode (so nobody needs to be there and click "Next" every five seconds). But this package managing system would also need to keep an eye on the many different versions of "Windows" that are already around (and surely will be), because not every software for "Windows" would run on every version of "Windows"...

Reply Score: 2

RE: Never Happen
by lemur2 on Mon 15th Dec 2008 22:52 UTC in reply to "Never Happen"
lemur2 Member since:
2007-02-17

Proprietary software companies are not going to allow MS to distribute their software, it's that simple. Adobe isn't going to allow MS to provide Photoshop, or any other app. It makes no sense. It gives MS too much control.


Sigh!

You don't need to have Microsoft distribute the software of other companies.

Just have a standard application package format, and have an OS component (similar to gdebi) that can install such packages.

Doesn't the .msi format achieve this already?

Reply Score: 3

The answer is yes
by Moulinneuf on Mon 15th Dec 2008 18:27 UTC
Moulinneuf
Member since:
2005-07-06

The answer is Yes one is needed.

But implementing one is costly when your user's are not used to using one , they seem to think it's a bother to have to deal with security question ( Vista ).

The majority of windows super user's think they know it all , the majority of normal user's don't know anything and relly on those same super user's , That they can manage a system on there own and that there system are secure and that they know how to fix problems.

I like to run belarc and SUMo and Updatestar on windows system to show how much negligent and clueless those people are.

Reply Score: 2

Apt with trusted 3rd parties == perfect
by CaptainN- on Mon 15th Dec 2008 18:34 UTC
CaptainN-
Member since:
2005-07-07

Ubuntu has got it down pretty good - all we need (and Linux needs it too) is an easier to way to added trusted third parties like Opera, Mozilla, and Adobe so that you can get your cutting edge updates right from the source.

In Linux that's actually harder than it would be in Microsoft Windows or Mac OS X, since there is no locked down ABI like in the proprietary world, but even so, Opera seems to manage. :-)

BTW, MS seems to have this kind of model - their windowsupdate.com service currently updates Windows, Office, the Live suite, and a bunch of other stuff. They are probably disincentived to open it up to their competitors though - being a proprietary company, they often compete with the ISVs on their own platform. If I were an ISV like Adobe, I doubt I'd use their update service. I might use a more open, decentralized update framework - like apt, though.

Reply Score: 4

Yes for updates, no for installs.
by WorknMan on Mon 15th Dec 2008 18:53 UTC
WorknMan
Member since:
2005-11-13

Since most Windows software is proprietary in nature, there'd probably be too many hurdles to jump through to make this work.

But what Windows DESPERATELY needs is some uniform way to update all software in one central location (like Windows Update) built into the OS. The way it works now is that you've got 9 million programs making a startup entry for themselves, slowing down your machine to a crawl.
Then at seemingly random times of the day, you'll get a little balloon in your task tray, saying that Adobe Reader (or insert name of other crappy apps here) needs to update from 8.1.0.1 to 8.1.0.2. And the apps that do this RARELY ask for permission, and usually require you to reboot the f**king computer when their done.

Of course, an experienced user doesn't install this sh*tty software in the first place, and if we do, we can use an app like Startup Monitor to prevent apps from doing this. But it can be frustrating for average users.

So I want to know this: why won't Microsoft open up Windows Update to 'trusted' 3rd party developers like Adobe and Apple, so when it's time to install any OS patches, I can get all 3rd party updates at the same time. That way, legit apps no longer have an excuse for putting in startup entries, making the entire OS run smoother as a result. I think that would be worth it for end users.

Reply Score: 3

KISS
by StephenBeDoper on Mon 15th Dec 2008 20:02 UTC
StephenBeDoper
Member since:
2005-07-06

I'm personally a fan of the "Keep It Simple, Stupid" approach to software installation and management. Just give me an archive to download and an OS that makes it simple to install applications via drag-n-drop.

From that perspective, I'd say that the situation in OS X is generally preferable to Windows. That said, however, there are some things about OS X software installation that make me scratch my head. E.g., over-packaging - really, what is the point of putting an installer app *inside* a DMG file? And I'm pretty sure I've seen SIT files that contained a DMG, which in turn contained an installer.

It could also be a little more obvious that you're supposed drag the binary to the Applications folder (most of us have encountered people who always run Firefox, etc, from the DMG file they downloaded). I've never understood why the approach used by many BeOS devs has never caught on in OS X: they use essentially the same approach (with zip files instead of DMGs in BeOS), but many BeOS apps contain a symlink named "Drag '[filename]' Here".

Is there some technical limitation that prevents symlinks from working inside DMG files?

Reply Score: 3

RE: KISS
by Thom_Holwerda on Mon 15th Dec 2008 20:27 UTC in reply to "KISS"
Thom_Holwerda Member since:
2005-06-29

I'm personally a fan of the "Keep It Simple, Stupid" approach to software installation and management. Just give me an archive to download and an OS that makes it simple to install applications via drag-n-drop.


The proposal I made (linked in the short article) is sounds exactly like what you'd want. Coincidentally, the proposals for the Haiku system implement many parts of my proposal.

Reply Score: 1

RE[2]: KISS
by StephenBeDoper on Mon 15th Dec 2008 21:03 UTC in reply to "RE: KISS"
StephenBeDoper Member since:
2005-07-06

The proposal I made (linked in the short article) is sounds exactly like what you'd want. Coincidentally, the proposals for the Haiku system implement many parts of my proposal.


Ha, I never made the connection before - but now that you mention it, the "filer chute" idea *does* sound quite similar to the concept you described.

Reply Score: 2

RE: KISS
by lemur2 on Mon 15th Dec 2008 23:02 UTC in reply to "KISS"
lemur2 Member since:
2007-02-17

I'm personally a fan of the "Keep It Simple, Stupid" approach to software installation and management. Just give me an archive to download and an OS that makes it simple to install applications via drag-n-drop.


For Linux there is "an archive to download and an OS that makes it simple to install applications via" double-click on the downloaded archive.

Will that do?

Reply Score: 2

linux
by ari-free on Mon 15th Dec 2008 22:24 UTC
ari-free
Member since:
2007-01-22

Linux package management probably wouldn't be so bad if there was only one standard platform instead of all these distros.

Reply Score: 3

RE: linux
by elliott1787 on Tue 16th Dec 2008 04:58 UTC in reply to "linux"
elliott1787 Member since:
2008-07-03

That would mean the community would have to decide on the best way of doing things, which isn't going to happen. The great thing is, we don't have to decide, if you don't like something in a specific distribution or application, use something else or make your own. Some people don't like this freedom of choice, so they use something proprietary and conform to the system instead of the system conforming to them.

If some dictator ever did decide that everything was going to be done one way and one way only in Linux, there would be a lot of projects forking off and doing things their own way.

Reply Score: 2

Package Manager Freeware
by GaBMaTrIx on Tue 16th Dec 2008 02:53 UTC
GaBMaTrIx
Member since:
2008-12-15

There is an open-source windows utility already providing package manager capabilities under Windows:

AppSnap
http://appsnap.genotrance.com

It's an open-source software that can automatically detects new version from each software webpage. The detection process is dynamic and quite flexible and it installs each software automatically by passing unattended parameters.

Only things that's missing is an active community around it to update the repository information and improve the code.

Take a look at it, you'll be surprised!

Reply Score: 2

RE: Package Manager Freeware
by lemur2 on Tue 16th Dec 2008 03:52 UTC in reply to "Package Manager Freeware"
lemur2 Member since:
2007-02-17

There is an open-source windows utility already providing package manager capabilities under Windows: AppSnap http://appsnap.genotrance.com It's an open-source software that can automatically detects new version from each software webpage. The detection process is dynamic and quite flexible and it installs each software automatically by passing unattended parameters. Only things that's missing is an active community around it to update the repository information and improve the code. Take a look at it, you'll be surprised!


Doesn't support signing of packages, therefore vulnerable to application website spoofing and hacking of its own application database. Being "unattended", it is a potential backdoor into user's Windows systems.

Edited 2008-12-16 03:53 UTC

Reply Score: 4

RE[2]: Package Manager Freeware
by GaBMaTrIx on Tue 16th Dec 2008 04:12 UTC in reply to "RE: Package Manager Freeware"
GaBMaTrIx Member since:
2008-12-15

Hi lemur2,

You're perfectly right about your comment! The software links aren't check for authenticity and therefore, we can't be sure about security.

This software need to be improved in a lot of different aspects but I think it is a good start.

Do you have a practical proposition about a new security feature? I don't think traditional software signing is appropriate in this case because we download the software directly from the developer webpage. Maybe website authenticity checking along with showing the location of the download to the user in order to gain trust?

If so, please post in in the Issue Tracker here
http://code.google.com/p/appsnap/issues/list

Thanks!

Reply Score: 2

RE[3]: Package Manager Freeware
by lemur2 on Tue 16th Dec 2008 04:45 UTC in reply to "RE[2]: Package Manager Freeware"
lemur2 Member since:
2007-02-17

Hi lemur2, You're perfectly right about your comment! The software links aren't check for authenticity and therefore, we can't be sure about security. This software need to be improved in a lot of different aspects but I think it is a good start. Do you have a practical proposition about a new security feature? I don't think traditional software signing is appropriate in this case because we download the software directly from the developer webpage. Maybe website authenticity checking along with showing the location of the download to the user in order to gain trust? If so, please post in in the Issue Tracker here http://code.google.com/p/appsnap/issues/list Thanks!


AFAIK, Linux package managers get around this issue by including GPG keys for the repositories in the distribution install CD. If you installed a compromised install CD then you are compromised before you start anyway, but if you install a good CD then this allows packages in the repositories to be signed and for the package managers at the recipient end to check the packages on receipt. This is a pretty good system that, AFAIK, has never had a breach. AFAIK there has never been malware installed on a user's system coming from a repository via a signed package.

Having said that, Linux package managers have no such checking means available in the scenario where a user downloads (from a getdeb type of website) an application package (.deb or .rpm) and then uses the package manager to install that. The best that can be done here is to warn the user: "This package is not signed, do you trust the source of this package?" type of warning.

As far as I can see, every single application on Windows is in the latter category rather than the former. This would mean that every package would generate a similar warning every time the users tried to download and install anything. In that situation, the warning would quickly lose all meaning, and become worthless.

I don't see this as a failing of the AppSnap application (an attempt at a package manager for Windows), but rather as a fundamental shortcoming of Windows itself. I don't see any way that the project can circumvent this shortcoming, sorry.

Edited 2008-12-16 04:49 UTC

Reply Score: 5

RE[4]: Package Manager Freeware
by GaBMaTrIx on Tue 16th Dec 2008 05:11 UTC in reply to "RE[3]: Package Manager Freeware"
GaBMaTrIx Member since:
2008-12-15

"Hi lemur2, You're perfectly right about your comment! The software links aren't check for authenticity and therefore, we can't be sure about security. This software need to be improved in a lot of different aspects but I think it is a good start. Do you have a practical proposition about a new security feature? I don't think traditional software signing is appropriate in this case because we download the software directly from the developer webpage. Maybe website authenticity checking along with showing the location of the download to the user in order to gain trust? If so, please post in in the Issue Tracker here http://code.google.com/p/appsnap/issues/list Thanks!


AFAIK, Linux package managers get around this issue by including GPG keys for the repositories in the distribution install CD. If you installed a compromised install CD then you are compromised before you start anyway, but if you install a good CD then this allows packages in the repositories to be signed and for the package managers at the recipient end to check the packages on receipt. This is a pretty good system that, AFAIK, has never had a breach. AFAIK there has never been malware installed on a user's system coming from a repository via a signed package.

Having said that, Linux package managers have no such checking means available in the scenario where a user downloads (from a getdeb type of website) an application package (.deb or .rpm) and then uses the package manager to install that. The best that can be done here is to warn the user: "This package is not signed, do you trust the source of this package?" type of warning.

As far as I can see, every single application on Windows is in the latter category rather than the former. This would mean that every package would generate a similar warning every time the users tried to download and install anything. In that situation, the warning would quickly lose all meaning, and become worthless.

I don't see this as a failing of the AppSnap application (an attempt at a package manager for Windows), but rather as a fundamental shortcoming of Windows itself. I don't see any way that the project can circumvent this shortcoming, sorry.
"

Thanks for your detailed explanation! I have a lot of experience in Linux so I know what you mean! ;)

I'll try to help AppSnap developer as much as I can and keep the security aspect in mind!

Reply Score: 2

Rogue repositories?
by PlatformAgnostic on Tue 16th Dec 2008 08:02 UTC
PlatformAgnostic
Member since:
2006-01-02

This thing is not likely to happen because Microsoft probably does not want to be in a position to verify that a vendor is selling useful and beneficial products.

If Linux were more popular with the masses, we'd be seeing plenty of rogue repositories springing up with all kinds of lovelies.

Reply Score: 2

RE: Rogue repositories?
by sbergman27 on Tue 16th Dec 2008 08:34 UTC in reply to "Rogue repositories?"
sbergman27 Member since:
2005-07-24

If Linux were more popular with the masses, we'd be seeing plenty of rogue repositories springing up with all kinds of lovelies.

Why wait?

http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0...

Edited 2008-12-16 08:35 UTC

Reply Score: 2

Comment by Traumflug
by Traumflug on Tue 16th Dec 2008 09:08 UTC
Traumflug
Member since:
2008-05-22

I don't see a central package manager for Windows or other proprietary OSs either.

In it's early beginnings, Mac OS X had it's Software Update mechanism only and easily could have added support for third parties. But they didn't. Instead, they started to equip even their own apps (e.g. QuickTime) with individual update mechanisms and developers applauded.

But wait - isn't the iPhone app store such a central repository? Unlike Linux package mechanisms it raises a fence between users and developers. This is why it exists.

Either way, Neither Microsoft, Apple nor some other OS vendor has serious interest in hosting a well selected set (builds, compatibility DB) for their product just for the user's convenience. This is where open source really shines.

Reply Score: 3

VersionTracker
by martig on Tue 16th Dec 2008 12:06 UTC
martig
Member since:
2008-12-16

What about VersionTracker?
http://www.versiontracker.com/subscribe/win/

Reply Score: 1

it could all be so simple
by Bully on Tue 16th Dec 2008 14:43 UTC
Bully
Member since:
2006-04-07

Most programs shouldnt need to throw files all over the place, let alone editing registry.
Just one simple folder where all the programm files are stored. including configuration files.
Delete the folder, all is gone, clean and logic.

Might not work for everything. But for most programs.. this should be no problem at all.

Reply Score: 2

Lack of package management is a flaw
by abraxas on Tue 16th Dec 2008 20:13 UTC
abraxas
Member since:
2005-07-07

The biggest issue Microsoft faces without proper package management is security updates for third party applications. Some programs have their own program updaters while others require you to check the web manually for updates. Even if your program has an updater if you don't use it for a while it won't update. Then all the sudden you open the application and it is two versions behind and full of known security flaws. Microsoft's image of a security nightmare will never end if they can't implement a more coherent package management model.

Reply Score: 3

Biased summary
by renox on Tue 16th Dec 2008 20:23 UTC
renox
Member since:
2005-07-06

On Windows, application don't ask you for upgrade each time you launch it, but each time there was an upgrade.

Mature applications aren't upgraded that often, so this is not the big issue that the author wanted to point out.
That said, on XP Microsoft upgrade process suck ass, yes I installed a fix and no I don't want to reboot now, I don't need to be nagged repeatedly!!

Reply Score: 2

RE: Biased summary
by lemur2 on Tue 16th Dec 2008 23:09 UTC in reply to "Biased summary"
lemur2 Member since:
2007-02-17

On Windows, application don't ask you for upgrade each time you launch it, but each time there was an upgrade.


That was an exageration for the situation in Windows, it is true. The Windows scenario is poor enough without the need to exagerate it.

However, if you want an example of bias, look at what was claimed for Linux:
Linux users claim to have the holy grail of application management, but they're also wrong. Yes, they have this elegant central updating and management utility, but in return, you are limited by how up-to-date your distributor is keeping its repositories - or how much stuff they put in there. It's quite annoying to know that a new version of Pidgin is out, but your distributor hasn't packaged it yet. On top of that, these central updating mechanisms in Linux are - still - notorious for making a mess out of things during more complicated update sets.


My goodness! How inaccurate and biased can one get?

Examples: "you are limited by how up-to-date your distributor is keeping its repositories - or how much stuff they put in there"

"but your distributor hasn't packaged it yet"

These baseless claims utterly ignore sites like this:

http://www.getdeb.net/
and it ignores as well application home pages like this:
http://download.openoffice.org/other.html#en-US
or this:
http://www.getfirefox.net/

Consider that this is the equivalent of the ONLY method of installing software on Windows or a Mac, why utterly ignore the fact that a similar method applies to Linux? If one uses gedbi or equivalent GUI to install such a downloaded package, or one uses dpkg or equivalent from the command line to do the same, then the same "uninstall" methods are applicable as packages loaded from the repositories (caveat: keep in mind that update notifiers wont work for packages installed outside of the repositories).

BTW: the google search that Thom included as evidence that package managers make a "mess" shows up hits from years ago. Personally ... I've never hit a snag that couldn't be resolved fairly easily.

Reply Score: 5

RE[2]: Biased summary
by Thom_Holwerda on Tue 16th Dec 2008 23:42 UTC in reply to "RE: Biased summary"
Thom_Holwerda Member since:
2005-06-29

These baseless claims utterly ignore sites like this:


Except... You really shouldn't install applications from outside your distribution's official repositories. A common, and wise advice from many Linux users.

Reply Score: 1

RE[3]: Biased summary
by lemur2 on Wed 17th Dec 2008 01:50 UTC in reply to "RE[2]: Biased summary"
lemur2 Member since:
2007-02-17

"These baseless claims utterly ignore sites like this:
Except... You really shouldn't install applications from outside your distribution's official repositories. A common, and wise advice from many Linux users. "

True. Correct. Installing applications from outside the distribution's official repositories has two disadvantages compared to installing applications via the repositories:

(1) The application packages that one downloads outside of the repositories cannot be signed, and
(2) Application packages that one downloads outside of the repositories are not covered by the update notifier.

Because of those two reasons, it is a better idea to wait until a new package appears in your distributions repositories ... or in additional repositories such as developer personal repositories or third party repositories or backport repositories where it will often appear far quicker.

http://www.cyberciti.biz/faq/ubuntu-linux-install-kde-42/
http://hehe2.net/linux-general/try-kde-42-now-in-ubuntu/

However ... none of that means that application packages outside of the repositories do not exist.

That fact in turn means that the following criticisms you made of installation of software on Linux systems:

Examples: "you are limited by how up-to-date your distributor is keeping its repositories - or how much stuff they put in there"
"but your distributor hasn't packaged it yet"

are both invalid criticisms.

You are not limited by how up-to-date your distributor is keeping its offical repositories, and you do not have to wait for your distributor to package a new version before you can have a means to install it that is equivalent to installing the same software on Windows or Mac.

Edited 2008-12-17 02:01 UTC

Reply Score: 5

Never said I was nice
by BrendaEM on Tue 16th Dec 2008 22:21 UTC
BrendaEM
Member since:
2005-11-23

I thought about a Windows package manager a few years ago, but I didn't want to encourage Microsoft to continue.

Can this article be buried, just a few more years?

Reply Score: 1

Windows already has package manager: SVS!
by womprat on Wed 17th Dec 2008 00:05 UTC
womprat
Member since:
2008-10-30

Altiris SVS is a package manager for windows that's freely available for download and is so compellingly usefull everyone should use. I can't live without this tool now. It goes a step further than a package manager, as it is a data-virtualisation layer for applications. You can do things with SVS that you can't with a linux package manager. You can take an existing application install, package it, port it to another PC with SVS, or reset the data layer. I can uplift my Photoshop app, zip it, and move it another PC and beat activation.

But windows doesn't really need package managers since 9/10 applications can run fine out a folder. Some need to make low level changes to the system that need a reboot or changes that are done by the installer out of laziness, and aren't restored when application is run. I make extensive use of portable applications, something which I haven't found to be so straightforward workable on *nix platforms (more iterative to get working).

Reply Score: 1