Forum Thread: Problem with PSI 3 Repeating Scans giving "false positives" durin...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
genegold99 Problem with PSI 3 Repeating Scans giving "false positives" during session
Member 25th Jun, 2012 01:11
Ranking: 5
Posts: 141
User Since: 25th Nov, 2008
System Score: N/A
Location: US
Last edited on 25th Jun, 2012 18:08

PSI 3 Beta automatically repeats scans during extended sessions and gives a notice if an application needs attention, which inherently isn't a bad thing. The problem is that there's no way to in effect turn off the notices if the user knows about the application being spotted and wants to leave it as is, expecially if it is not insecure. At the same time, this notice provides the user no way to find out if PSI has spotted something new that needs attention, short of opening PSI and letting it scan again. Hence, the user has to repeatedly see notices and then waste time with what can amount to a false positive. Last night, I saw three or four notices over a several hour session.

For example: Opera 12 was publicly released about 10 days ago. The previous release, 11.64, therefore shows as "programs that need updating." However, those who follow Opera closely know that 12 is very buggy, while 11.64 was kept current and is just as secure as 12. Not only are lots of people staying with or going back to 11.64, but also others like me are keeping 11.64 around for comparison in bug testing. Last year I faced the same issued with MS Office 2001, which was listed as only "out of date." I wanted to keep it around, but had no way of taking it out of PSI's calculations. At least then PSI 2 showed a percentage that could be used as reference point (a change downward told me there was something new to look at).

My understanding is that PSI was primarily designed as, or at least initially presented itself for, protecting computers against insecurities. I'd appreciate if it stayed that way, at least enough to give users some flexibility in determining what is shows.

steffens RE: Problem with PSI 3 Repeating Scans giving "false positives" during session
Member 29th Jun, 2012 02:25
Score: 53
Posts: 80
User Since: 25th Jul 2009
System Score: N/A
Location: US
PSI has had an "ignore" function since forever. I've used it, and it works. You should be able to use that to get PSI 2 to shut up about programs that it thinks are insecure, but that you want to keep for whatever reason.

But it's a closely-kept secret, and well hidden, too...

From the Dashboard, click the "Configuration" disclosure triangle.
Click "Settings.
Click "Ignore Rules" tab.
Click "Create Ignore Rule".
In the resulting dialog box, enter PATH to executable file (or directory containing same).
Click "OK".
Repeat as needed.

Not intimately familiar with PSI 3, since I'm planning to stick with PSI 2 for the forseeable future. However, the introductory "PSI 3.0 Walkthrough" video
http://youtu.be/iUmaLmO0gx0
clearly indicates that PSI 3 has a similar functionality. And if the video is to be believed, it's WAY SIMPLER than in PSI 2!

HTH...
-- EstherD
Was this reply relevant?
+0
-0
genegold99 RE: Problem with PSI 3 Repeating Scans giving "false positives" during session
Member 29th Jun, 2012 04:45
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Last edited on 29th Jun, 2012 05:35
Thank you Esther D! You are correct that the ignore function is not well known, to wit this thread saw about 120 views and three days before gaining your response. That apparently means even the experts/admin don't know. The video for PSI 3 does show the way: right click on the app and choose 'do not update.'

Of course, that still doesn't explain why PSI 3 needed to remind me of its presence several times a session, especially given that Opera 11.64 was not insecure. In the video, it refers repeatedly to the apps up top being insecure; out of date is never mentioned.
Was this reply relevant?
+0
-0

This thread has been marked as locked.