14 DAY TRIAL // Everybody knows that computer security battle is fought on more than one front. You need an entire arsenal of protecting software against online attacks (antivirus, antispyware, popup blockers, firewall, safe browsers) as well as tools for protecting your data and system from physical access. The latter category refers to using data encrypting software, system monitoring tools, system lockdown instruments.
And with all these precautions your computer will still not be Alcatraz as data leakage is still possible due to bad coding of the software you use. Software vulnerabilities are discovered and reported on a daily basis, which means that your computer is still not protected from prying eyes. However, updating all your applications to the latest versions can elevate the comfort level and reduce the risk of your computer being invaded.
Not too long ago a myriad of softwares claiming that they can detect the versions of the applications installed on your computer and provide you information on the latest releases have emerged on the market. Testing quite a few of them led me to the conclusion that they are a must on every computer with myriads of applications installed.
Secunia, a highly reliable online source of vulnerability reporting has put its back into it and after releasing the online instrument for checking software versions and comparing them to their database they have issued a downloadable version of the service.
Secunia Personal Software Inspector is the result of the hard work and although it is in beta stage, it can pinpoint expired versions of programs installed on your computer. Its purpose is contributing to the protection of your system by constantly monitoring the system for software installation and alert you of missing patches.
The instrument will examine the files on your computer (EXE, DLL and OCX mostly, but not only) and collect non-specific information on software vendors. The next step is comparing it against the data available in Secunia software database. The result is displaying a report of the missing security related updates.
Users will not have a hard time with the application as there are no configuration settings to be made and the software is continuously monitoring your system providing news for the latest patches. The main application window shows the overall state of the computer presenting info on the update state of the system. The developer recommends aiming to the highest score (100%) for reducing to the maximum vulnerability access to your computer.
Further info in main application window shows the number of insecure software detected (versions that are not up to date) as well as End-Of-Life software (applications that are no longer supported by the developer) which will no longer be updated thus representing a risk to the system. In the lower part of the window there are the options of the application. These are quite modest as they cover only viewing all detected software, define the paths that should be ignored by Secunia PSI and send software suggestions to Secunia for enriching the database.
Hovering the mouse pointer over the items in software view window will show you the path to the file used by PSI to collect information on the version of the item and vendor. You are provided with the version installed on your computer and if it is not the latest it'll be displayed in red color. In some cases there is additional information provided and a download link. If the installed version is no longer supported by the developer clicking on the issue number will ask you to uninstall it and go for the latest release available.
Testing the app for efficiency resulted in discovering a few flaws. I the case of FileZilla for instance the version was not flagged as being insecure although I run version 2.2.32 and the latest release is 3.0.1. A similar reading occurred in the case of Foobar: though I had version 0.9.4.4 Secunia PSI displayed as version 0.9.4.3 being the latest and the one installed on the computer.
After two months from the release of PSI beta their database still does not cover a wide range of softwares. Major applications like those from Ashampoo or DiskTrix. Software like OpenOffice, FeedReader, GIMP or U Torrent are not recorded in the list.
All the communication between your computer and Secunia server is conducted via SSL encrypted connection and according to the Privacy Statement no personal information will be collected from your computer. The data gathered from your computer will be stored on their servers for a period of 12 months from the time you uninstall the application. However, all the info can be deleted automatically the moment you cancel your registration (from Overview window click the last option in Perform a Task section).
The Good
Secunia PSI is extremely easy to use and will alert you on most applications that are in need of an update. The interface is filled with details and tips on using the app.
It constantly monitors your system and Secunia File Signature engine will analyse all the data determining the application versions installed.
Users can contribute to enriching Secunia's database of softwares to monitor by suggesting softwares to be included in File Signature.
You can exclude directories and paths on your computer to be monitored by creating simple rules.
The Bad
The application will not detect all installed software as the database still needs a push. More than this, in some cases the information regarding the version may not be accurate.
There is no search option in the application to take you to items in the list automatically.
Data collected from your computer will be stored for up to 12 months after uninstalling the product save you cancel the registration. That is a long time to store info on software versions installed on user's computers.
The Truth
PSI will monitor the system continuously, eating up about 10MB of RAM. I would have been more comfortable with scheduling the app to connect to Secunia servers whenever I saw fit and save that RAM for something else.
File Signature database has serious gaps as major applications are not included. Also, some info on installed software may be erroneous. But hey, this is still a beta.
Here are some snapshots of the application in action:
