Pidgin/Gaim Exploits and Updates

Liam liamtr at gmail.com
Thu Feb 25 22:47:54 EST 2010


I can't remember the last time i heard the word "spake"!

Oh how i wish there was a single package update management system for
non Micro$oft apps in Windows. Currently many apps all run their own
independent updating utils which tend to run in the background at all
times and chew up resources unnecessarily. Personally i disable all
these and only use the Secunia Software Inspector to notify me of
"security" updates for apps.

Anyway, i understand the reluctance to run "plugins" by default, but i
would implore you to make an exception in the case of the updating
plugin with the win versions, or otherwise build in an updating
mechanism for win versions. Windows Users "continue" to be left at
risk if you don't do either.


One "minor" consideration however, is how this may affect users of
portable versions
(http://portableapps.com/apps/internet/pidgin_portable). If the
portable version is not distinguishable from the installable version
by the checking mechanism, portable users will likely be prompted to
download "installable version" patches. However, as Portable Pidgin is
effectively a fork in the project, it is not really  your
responsibility either.
In the case of FileZilla, portable version users are prompted to
install the installable version patches and it is completely up to the
end user to manually download the portable version hosted on a
different site.

I only brought up the above as a "consideration", and i still strongly
believe that update notifications for Windows users is far more
important than a minor potential inconvenience to a comparatively
small number of users in a fork project.

Regards,

Liam






On Fri, Feb 26, 2010 at 6:06 AM, Ethan Blanton <elb at pidgin.im> wrote:
> Liam spake unto us the following wisdom:
>> The update notification is a plugin? I didn't expect that, but thanks
>> for letting me know anyway. Much appreciated.
>>
>> Shouldn't that perhaps be "enabled by default"?
>
> Maybe on Windows.  On Linux systems having real package management,
> these sorts of updates are handled by the distribution.
>
> We tend to not enable plugins by default for various reasons.
>
> Ethan
>
> --
> The laws that forbid the carrying of arms are laws [that have no remedy
> for evils].  They disarm only those who are neither inclined nor
> determined to commit crimes.
>                -- Cesare Beccaria, "On Crimes and Punishments", 1764
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iQEVAwUBS4bKN/8fixZ3H8crAQhfmAgAiJko0AwYScsI0tZlPvx+jM5uCT4LtUxC
> wKil5EZyeN25uD0BAYCCqNc6COQc4vLtZQc8ODfACovZcE+ROVKLCRl3SsLvukYk
> W7D1+zEkzMDiE210J3qnFBam2N7Xym94t/1Oz4eFaewm3brm/gbRHeoQFIQMqU3T
> GnRcQ6Uwrwx31lXITnT4cyaTnInZxVTBcN0kqn042gpRaQ0oOWC7cchjPlxyLyOB
> G02ThHU3FbusIFe9uydF+yQeDmfTfGX/xMLhB73Vw5Wzj0Op0/3WGnnWVPP59v3t
> PuXsWmvW5QdikjJi66qG3peHhwT4C/MnlYJmyJKr/kRm6hrXGm1cZA==
> =AYO3
> -----END PGP SIGNATURE-----
>
>




More information about the Support mailing list