The Problem of Staying Updated

Recently I read an interesting blog post by Mark Pilgrim. If you recall, he was the Google engineer who decided to switch from Mac to Linux, citing numerous perceived problems with both OS X and proprietary software in general. He set off quite a firestorm and soon had zealots from both sides espousing the various virtues of their favored OS. For a very good recap take a look at DaringFireball’s coverage. Get a cup of coffee though, it is rather long. Very interesting, but long.

Okay, have you finished reading up on the back story yet? Good, I can continue then.

Pilgrim upset countless Mac users with his comments regarding OS X and received quite a bit of negative feedback (read: hatemail) as a result. However, if you read his post carefully you will see that it isn’t really OS X that caused him to switch but rather Apple’s attitude towards open source software. He makes a complex argument for openness and, in the end, concludes that being “open” is more important than any other feature, including usability. I don’t agree with his argument, but I do understand it. It is kind of like arguing for driving the safest car possible at the expense of gas mileage and reliability. I might be willing to drive a less safe car that I knew would break down less over a safer one, but that doesn’t mean I don’t understand the argument for driving the safest car possible. In the end, it’s all about priorities.

So, fast forward to today and you can see his latest piece entitled One Year With Linux. He switched from OS X, started using Linux, and has come back to report his experiences. Ultimately, he says he feels vindicated in his choice and doesn’t want to go back. In fact, one of the main justifications he gives for continuing to use Linux is the ease with which he can keep his system updated. Specifically, he mentions how wonderful it is to be able to use a fully integrated package management system. He says:

On the contrary, working on a Linux system has made the weaknesses of other operating systems more painful to deal with.
The most glaring example of this is package management. Keeping a system up to date is essential, especially a laptop that travels to different untrusted networks on a regular basis.

I should mention that if the only operating systems you have ever used are Windows or OS X, then you have probably never even heard of “package management.” However, if you have ever updated any Unix or Linux system, you are probably quite familiar with it. According to Wikipedia… A package management system is a collection of tools to automate the process of installing, upgrading, configuring, and removing software packages from a computer.

Basically, a good package management system allows the user to search for a package (in this case a package can be defined as an application, library, etc.) and then install, update, or remove it, all from one application. This system has several real advantages over the current system in either OS X or Windows. A package management system allows the user to update their entire system (every library, every utility, and every application) all with just a few clicks of the mouse. It also gives the user the ability to quickly search for new software, delete existing software, and, in general, makes managing your system easier.

Of course there are downsides. Package managers are great, until they don’t work. Then the problems start. Let me first explain where I get my opinions on Linux from. I’m a programmer and I use Linux every day at work. I run Fedora Core 6 as my main workstation and have had lots of experience using Yum (Fedora’s package manager of choice). And I’ve also had experience using RPM when Yum didn’t work. Things aren’t always as nice and easy as Mr. Pilgrim would have you believe. Oh, don’t get me wrong, when it works, it works great! You can update your entire system with the following command:

yum update -y

That single command lets you update everything on your system and requires no further user input. It is really cool and can save massive amounts of time. Unless, of course, something goes wrong. Then you have to ditch Yum and go with plan B.

Before I continue let me reiterate this one thing: average users shouldn’t run into these problems. If all you do is type documents, check email, and surf the web then you should be safe. It’s when you decide to try more interesting things that problems can crop up.

I have found that there are three main problems that can arise when using Yum (or any package manager for that matter). First, you can encounter a dependency issue which Yum cannot handle. Second, you can try to update/upgrade software and Yum won’t see the latest version. And third, there are some things you just can’t find with Yum.

The first case is perhaps the most frustrating. You open up Yum to try to install something, you begin the process, and then get a warning that it can’t continue because you don’t have some other files on your system that this current software needs. It is now up to you to go find those files (from wherever you can), install them, and then start this process over again and hope things work out this time around. If you don’t know how to use a command line, then you probably are just going to give up on installing that software, because finding all the dependencies you need can be hard.

The second case is more annoying than anything because things almost work...but not quite. Here is a perfect example that happened to me. I had Firefox 1.5 installed on my system and I updated it to its newest version. Then one day Firefox 2.0 came out. So, I open Yum and told it to update Firefox. It did, and then promptly told me Firefox 1.5 was fully updated! Not a problem, I thought, it won’t make the jump to 2.0 without my prompting. So I go and search for Firefox 2.0 in Yum, and find that it isn’t there! What to do? Apparently Yum won’t let me get the newest version of Firefox. Now, I eventually fixed this problem as the solution was easy enough to find. However, that doesn’t change the fact that I wasted a lot of time forcing Yum to do what I wanted. It would have been faster if I had just gone to http://www.getfirefox.com and downloaded the installer. But, if I did it that way, what was the point of having Yum in the first place?

The third problem I have run into is that, try as you might, sometimes you will need something that you just can’t find with your package manager. In which case you have to do things the old-fashioned way. Granted, this is by no means a common problem, but one that still exists. Which means that as good as Yum is, there are still times when it isn’t good enough. In fact, there are times when you have to break out RPM or, dare I say, compile from source.

Some of you, after reading to this point, might think I don’t like package managers. Well, let me set you straight right now. I really like the idea of package management. I think it is a very sweet idea that, generally, saves a lot of time and energy. It isn’t an ironclad solution, but it works well enough for most people to use it without incident. In fact, I like it so much that I wish it were built into OS X.

Wait, let me clarify that. I wish it were built into OS X and it supported third-party software.

Right now, in OS X if you wanted to update your system you would run “Software Update...” and follow its prompts. And that is great for updating core system software. However, if you want to update software that isn’t from Apple you will have to open each application, see if it has some method for updating itself, and employ that method or else go to their website and hunt for updates. It is by no means an ideal solution. It is simple enough to understand and use, but it isn’t very efficient.

One (far-fetched) solution is to get Apple to open up their Software Update application to other developers. In essence, allow third-party developers to use their update tool. Now, this will never happen, but it would be a nice solution. The reason it will never happen should be obvious: Apple isn’t going to give up that much control and pollute their beautiful interface with lots of extra junk. A more realistic expectation might be for a separate updater that is entirely geared for non-Apple products.

Of course, this brings up its own issues. The first, and most obvious, being what format should be used? Because if everyone isn’t on the same format then the system doesn’t really work. So, Apple would have to create this capability, then create a standard for its developers to use, then they would have to convince a large number of them to support this new update format. This means more work for the developers since they would have to replace an update system that already works quite well for their particular product.

Then, lest we forget, there is the problem of security. Imagine if the following happened. Someone creates an update that creates a security problem. Unsuspecting users update their systems and problems arise. Who do you think will get the blame? The vendor for writing bad/malicious software? The user for being stupid/uninformed? Or Apple, because they are the biggest target?

I’m going to guess Apple, and here is why.

If you use a utility built into OS X to download some software hosted on Apple’s servers, and it turns out to be a problem, then your average user is going to blame Apple. And they are going to do this because, in their eyes, by using an OS X update utility made by Apple they assume that Apple endorses or supports the software. And when it becomes a problem then they are going to ask Apple why they didn’t protect them better. If you bought a new Honda and the sound system broke within the first month, who would you blame? Honda for selling you a defective car or Bose for making crappy products? You would blame Honda in a heartbeat. And the next day you would be down at the Honda dealership, NOT the Bose store, demanding the problem be fixed. The same thing would happen to Apple. Are they technically responsible? No. Would that really matter in the end? Probably not.

In the end, however, I think these problems can be overcome without too much difficulty. I think package management is a great way to keep your system up to date and I would be very excited if Apple decided to implement it. Till then, there is always Version Tracker.