August 24, 2008
@ 11:32 AM

Last week my blog was offline for a day or so because I was the victim of a flood of SQL injection attacks that are still hitting my Web site at the rate of multiple requests a second. I eventually managed to counter the attacks by installing URLScan 3.0 and configuring it to reject HTTP requests that resemble SQL injection attacks. I found out about URLScan in two ways; from a blog post Phil Haack wrote about Dealing with Denial of Service Attacks where it seems he's been caught up in the same wave of attacks that brought down my blog and via an IM from Scott Hanselman who saw my tweet on Twitter about being hacked and pointed me to his blog post on the topic entitled Hacked! And I didn't like it - URLScan is Step Zero.

This reminded me that I similarly found another useful utility, WinDirStat, via a blog post as well. In fact when i think about it, a lot of the software I end up trying out is found via direct or indirect recommendations from people I know. Typically through blog posts, tweets or some other communication via a social networking or social media service. This phenomenon can be clearly observed in closed application ecosystems like the Facebook platform, where statistics have shown that the majority of users install new applications after viewing them on the profiles of their friends.

One of the things I find most interesting about the Facebook platform and now the Apple App Store is that they are revolutionizing how we think about software distribution. Today, finding interesting new desktop/server/Web apps either happens serendipitously via word of mouth or [rarely] is the result of advertising or PR. However finding interesting new applications if you are a user of Facebook or the Apple iPhone isn't a matter of serendipity. There are well understood ways of finding interesting applications that harnesses social and network effects from user ratings to simply finding out what applications your friends are using.

As a user, I sometimes wish I had an equivalent experience as a user of desktop applications and their extensions. I've often thought it would be cool to be able to browse the software likes and dislikes of people such as Omar Shahine, Scott Hanselman and Mike Torres to see what their favorite Windows utilities and mobile applications were. As a developer of a feed reader, although it is plain to see that Windows has a lot of reach since practically everyone runs it sometimes I'm envious of the built in viral distribution features that come with the Facebook platform or the unified software distribution experience that is the iPhone App Store. Sure beats hosting your app on SourceForge and hoping that your users are blogging about the app to spread it via word of mouth or paying for prominence on sites like

A lot of the pieces are already there. Microsoft has a Windows Marketplace but for the life of me I'd have never found out about it if I didn't work at Microsoft and someone I know switched teams to start working there. There are also services provided by 3rd parties like, the Firefox Add-Ons page and Tucows. It would be interesting to see what could be stitched together if you throw in a social graph via something like Facebook Connect, an always-on well integrated desktop experience similar to the Apple App Store and one of the aforementioned sites. I suspect the results would be quite beneficial to app developers and users of Windows applications.

What do you think?

Now Playing: Metallica - The Day That Never Comes


Sunday, August 24, 2008 2:14:32 PM (GMT Daylight Time, UTC+01:00)
While on Windows, I often find myself missing apt, the package management system of Debian and Ubuntu Linux. Every application, from an OS component to a screenshot utility to a database, is a package. There are central, standardized, well-maintained repositories. One can browse through them and read the descriptions, or add additional repositories to get to the less standard selection of apps.

Now, it's not perfect. There are no ratings, screenshots, or reviews in the catalogs. Still, it's considerably better than the Windows chaos.
Sunday, August 24, 2008 4:55:11 PM (GMT Daylight Time, UTC+01:00)
I agree with Leons. What you are talking of has been around a while and is called "package manager" (sorry for the sarcasm, I know you know). It just hasn't been around for any of the two largest desktop-OSs. OS X (as a Unix-derivate) has a small array of package-managers that can be installed a posteriori, but no immediate, ingrained support. And my friends who use MacOS only complain about the repositories.

Probably package-management didn't find its way into propietary-land because it's not been made useful for doing the whole revenue thing that the "iTunes for Mobile Programs" App-Store has been designed to do. I wouldn't be surprised if Apple were to roll out an App-store for OS X as well.
Sunday, August 24, 2008 6:08:25 PM (GMT Daylight Time, UTC+01:00)
Yes, I've been wishing for something like this as well. There are just so many different places online where you can download software that its impossible to find anything.

I guess the biggest issue is the sheer volume of software, and the fact its so hard to find exactly what you want. Often the products are listed incorrectly to catch different keywords, or deliberately misleading in their descriptions so as to imply they are free when in reality ther're just 30 day trials etc.

Windows Marketplace is actually really well designed... its just a shame no one seems to use it.
Sunday, August 24, 2008 6:29:20 PM (GMT Daylight Time, UTC+01:00)
It seems like Windows is moving in the direction of package management in any case. Valve's steam is a wildly successful deployment platform, for example. For the people who really want a package manager, Cygwin works reasonably well in that respect.

One quick thought - Windows should be more difficult to develop a good package management solution for than other OS's due to the difficulty of tracking and safely reversing changes in the Registry.
Sunday, August 24, 2008 9:30:28 PM (GMT Daylight Time, UTC+01:00)
Forget package management, where did you find the new Metallica track "The Day That Never Comes"? :)
Monday, August 25, 2008 1:14:22 AM (GMT Daylight Time, UTC+01:00)
It's amazing to what extent Microsoft has failed to capitilize on the Windows Marketplace. It's been around for a _long_ time, and relaunched for Windows Vista (with the Digital Locker, which is a cool idea).

Really, Microsoft should be pushing an app store like crazy. The concept of the Digital Locker could be extended to streamline installation and updates - as it would be vetted, trustworthy software - and allow rather seamless migration from PC to PC. Imagine being able to sit down at a new PC, login to Windows Marketplace and Digital Locker and say "Silently install and configure, with my settings, all the software that was installed on my previous machine."
Michael Griffiths
Monday, August 25, 2008 5:47:56 AM (GMT Daylight Time, UTC+01:00)
I tried out the MarketPlace last night... its great except for one thing...

You find something you want to download > Add it to your cart > Continue to download page > choose which download option > confirm download

Is it just me or is that a little convoluted?

Can anyone explain to me what Windows CardSpace is for? I can't really find anything online about it... is it to do with the digital locker? or just a way for websites to identify you automatically, but no one has adopted it?
Tuesday, August 26, 2008 9:50:54 AM (GMT Daylight Time, UTC+01:00)
Probably you'll love

Tuesday, August 26, 2008 6:03:55 PM (GMT Daylight Time, UTC+01:00)
I agree that it's "cool to be able to browse the software likes and dislikes of people" and I blogged about this here: IUseThis: Social Networking for Nerds

Here's an excerpt: is a fun way to browse through people's software lists and quickly get a sense of what software might be useful to me.
It's currently only for OS X, but supposedly they're going to do it for MS Windows. Is this what you're wishing for Dare?
Tuesday, September 2, 2008 10:28:51 PM (GMT Daylight Time, UTC+01:00)
Other people have mentioned the package managers. But for people that don't really know what they are talking about, let me illustrate:

1.) I want a new app on my Ubuntu machine that I do not currently have. For example, the other day I wanted to create some business cards

2.) I click on the Ubuntu Programs menu, then go "Add Programs"

3.) A list appears with literally thousands of applications organised by category. All of these applications are verified by people that you have chosen to trust, and are rated with regards to how well they work with your configuration of Ubuntu

4.) I type in a keyword ("business card") in my case

5.) A filtered list instantly appears, and I choose "glabels" from it, which has a description that seems to match what I want.

6.) I click OK, and the app and its dependencies is downloaded and installed seamlessly. No installshield, no add-remove programs, it is just there and it works.

7.) I make my business cards using FOSS software, that I was easily able to find and install, and I do not pay a cent.

Cool, eh?
Comments are closed.