Why don't you push program updates?

Hello,

since NOD32 v3 I haven't seen you updating the program itself using the build-in update mechanism (sorry, it seems like you have pushed a new build to v3 this month). I don't understand that.

Your changelog is listing many new builds. Most builds are containing fixes for problems, users are having with your software. But these fixes won't reach most of your customers, because you don't push these fixes using the build-in update mechanism.

Do you really expect, that customer have to visit your website on a regular basis to watch for updates?

That is a really bad experience.

I remember NOD32 v2. In NOD32 v2, you pushed new program updates via the build-in update mechanism. Why do you stop doing it?

 

Please search for previous disccussions on this topic, program component updates have been discussed here numerous times. As for releasing PCU, ESET has released a PCU to the latest v3 3.0.695 just a few weeks ago to all clients with older v3 builds. Users with older v4 builds will be upgraded to v. 4.2 in the not so distant future. Of course, this will be announced in advance and the PCU version will be released just after a long time of intensive testing and after it has been available for download for a reasonably long time and no serious problems have been reported.

 

It's nice to hear, that you are planing to push v4.2 as PCU. But why didn't you push new 4.0.x builds as PCU? For example, I have clients still running one of the first 4.0.x release. I understand, that you need to test... but when you have released a new build, which a customer can download, I expected that this build has passed QA. It's acceptable to wait some days, before also pushing it as PCU, but it isn't acceptable if you wait >2 weeks (and in the v4.0.x past, you didn't released any PCU... still testing 4.0.417? Come on....).

 

this has been discussed to death.....

 

If this is your answer, https://www.wilderssecurity.com/showpost.php?p=1483024&postcount=5, it's ridiculous:

For example, if someone is running Thunderbird v2 and one of the first NOD32 v4 builds and upgrades to Thunderbird v3, he will encounter problems.

He starts talking to his friends and no one has the same problem. The different between his computer and the computer of his friends is the used security software. Their software might have the same problem. But because the vendor noticed the problem, fixed it and pushed the update, his friends didn't run into this problem. So what will he do, when it's NOD32 license will expire? He will remember, that he had many problems with his security software. That he was the one, who need to get active (visit vendor's website to look for a solution/update)...

 

Various incompatibility issues can be found even after months, that's why the PCU for v3 was released after so long time since v3 was first released. No serious company whose software hooks deeply into the oper. system will ever release program updates after weeks or a couple months. Even Microsoft does not release service packs in short time intervals, but after a long time of testing. ESET, too, doesn't want to (or better may not) jeopardize customers' safety and bring their system down just because a particular build hasn't been proven good enough to be distributed to users with millions of different system configurations. This is possible ONLY after a particular version has been available to the public for months.

 

So basically what you're saying is that fixing a problem of a small group of people is more important that the real possibility of jeopardizing millions of users and that releasing an automatic program update is worth risking serious system problems by pushing out a PCU to all users. Please consider all pros and cons and you'll understand why PCU are not released shortly after a particular build has been available to the public. However, I'd like you mention that we plan to release PCUs for v4 more frequently than it used to be with v3.

 

OK.

You don't want to push every new build, because you are saying that the changes you have made in the new build could break existing systems.

If you say that, how can you offer the new build for public download? If you take it seriously, you should have one GA release. Actual you said, "Okay, existing customer shouldn't get the latest version, because it can break their system. But new customer should download the most recent version and probably break their systems"?!

There is a contradiction, isn't there?

You mentioned Microsoft: If you would act like Microsoft, you would release version 1.0 (the GA build). This is the only version you offer everybody.
If a customer has a problem, you may create a fix. You would release a hotfix. A hotfix just for that problem. This hotfix wouldn't be pushed. If you think that many customers would benefit from that fix, you may release an update. After a period, you would release a "service release", which would contain all the latest, now long tested, hotfixes and updates, so that customers could just install this build and don't need to catch up all the released updates.

When you think it is okay to release a new build to public, it should be good for every customer, so you should be able to push it as PCU. If you don't think it's ready for everyone, you shouldn't release it to public.

Well, as I said above, you are acting contradictorily. If you really think that a fix for a small group of people could break other systems, you shouldn't release this build to public. But actual, you are doing this. I won't have said anything, if the version customer can download wouldn't be the most recent version. But again, if it is okay for you, that anybody can download the most recent version of your software, then it should also be okay, to push that version.

OK. This sounds good. I will keep an eye on it. Currently, I cannot recommend NOD32 as I was able to do while v2 was the most recent version, because of this (it's not the only reason, but one of them).

 

Hello Whissi,

The following Knowledgebase article explains Virus Signature Database updates and Program Component updates. It goes into a more detailed explanation at the bottom half of the article.

http://kb.eset.com/esetkb/index?page=content&id=SOLN2256


In very simple terms, our product consists of the virus signatures, the modules, and the framework. Within the updates customers receive daily are virus signature updates and module updates. These updates allow us to provide the most up to date protection to customers without hindering their performance. If the scanner module needs to be updated, a module update is provided within the virus signature update that customers receive automatically. This works the same for every module. Pushing an entire new application build would only burden customers machines with longer download and installation times. As an example, when the roof of a house springs a leak, you repair or replace the roof and the house is then again back to living condition. Now as time passes, it may be necessary to not just repair specific areas of the house because a new structure may be the best option instead. We do give our customers the option to install the latest builds of their antivirus but they will continue to receive up to date protection with module updates.

Thank you,
Richard

 

Put me down as one of the people that WILL NOT be renewing my NOD32 license because of many botched business decisions by Eset - dumbing down the interface starting with v3, making the product more resource intensive (aka bloated), tying the updates notification with Microsoft updates (really bad decision), and as this thread referred to, the removal of program updates. NOD32 v2 had program updates built in, nobody had issues with getting the latest build that way....period. I've been a staunch supporter and customer since v2.0 but with all these "improvements" I will be moving on. Such a shame to see a great product lose it's soul to the marketing whims of the industry (more eye-candy, less control).

 

I kind of have to Agree regarding tying the windows updates notifications into the product is something I don't like either

 

disable it then, it is straightforward

 

I have

But I still don't like that ESET has "inplanted" that feature.

 

That is what it is, a feature. It appeals and is useful to some but not others

 

Indeed, but it's ON by default that's why I noticed it.

And agreed, it's not a useful feature to everyone as you say.

 

Hello SweX,

Windows updates are an important part of keeping a machine secure and protected. The notification feature is on by default for this reason but can be easily turned off as you have stated that you have done. We understand that not everyone will want to use this feature but since Windows updates are a key part of security it is a tool that will help many users keep their machines protected to the best of their abilities.

http://kb.eset.com/esetkb/index?page=content&id=SOLN2196

For other users who read this thread, Windows updates are part of keeping your computer protected against the latest threats. As a security company, we recommend keeping your operating system up to date.

Thank you,
Richard