12

Should there be a "data hygiene" index for software - to indicate how clean the program is? not creating unused temp files, registry entries, environment variables, etc.

For example, look in your users folder in Windows, you'll see all manner of work space files used by your applications.

For example, this makes it hard to know what needs to be backed up and what can be discarded as being machine-generated.

therobyouknow
  • 923
  • 7
  • 16
  • My browser history is machine generated. But on the other hand, I do want to back that up. – Anon. Jan 23 '11 at 22:32
  • 6
    Leaving stuff in the temp folder is okay, but I agree about monitoring other locations along the lines of "My Documents". It's *my* documents, App X. Leave your garbage out of it. – Adam Lear Jan 23 '11 at 22:32
  • 4
    @Anna Lear: The identity of "my" magically transfers to the one pronouncing it. :) –  Jan 23 '11 at 22:37
  • 1
    @DeveloperArt: Indeed. One of the greatest loopholes of our times. :) – Adam Lear Jan 23 '11 at 22:46

2 Answers2

7

Yes, and you should get started on one ASAP.

You can't always blame an application for not cleaning up its mess. Some times users pull the plug on the app.

Maybe the direction should be for an application to have a way to identify the purpose of the files it creates and how long the user/operating system should allow the file to hang around? If it's standardized, running a cleanup routine shouldn't be that much of a problem.

JeffO
  • 36,816
  • 2
  • 57
  • 124
  • +1 Thanks for the encouragement. I think there would be several sub metrics adding up to an overall hygiene score. – therobyouknow Jan 23 '11 at 22:53
  • 2
    No need to make it too complicated, but also feel free to get some help. – JeffO Jan 24 '11 at 01:32
  • +1 @Jeff O thanks for the offer: it should certainly be a collaborative effort. @Developer Art talks of the security angle, but there are others such as convenience in maintaining a system, keeping it tuned-up, knowing what to back up, making it easily re-deployable by knowing which files are required if the software, say is moved between machines. – therobyouknow Jan 24 '11 at 08:52
  • if you define the criteria in an answer then I could make this the accepted answer. – therobyouknow Jan 25 '11 at 16:18
  • accepted answer as it is succinct response to question. Credit to @Developer Art for the security angle. But the question is not only about security, but maintainability, re-deployability, what to backup, efficient use of resources, reliability, compatibility co-existence with other apps that generate data... – therobyouknow Feb 03 '11 at 12:40
  • Read [AN ADAPTABLE SOFTWARE PRODUCT EVALUATION METRIC by Timm Euler](http://www-ai.cs.uni-dortmund.de/DOKUMENTE/euler_2005b.pdf). One of the proposed metrics is *caching*, *To enable the handling of large data sets, tools must not attempt to store data sets in temporary files or database tables unless the user has determined that this be done. To enable informed decisions by the user, intermediate data set sizes must be estimated before the data set is computed, must be available after it is computed, and every intermediate data set must be clearly linked to the operator that produced it* – Jay Elston Aug 06 '11 at 18:24
3

I think that would be a great idea to have that commonly adopted metric. Would provide a clean picture of what a program is capable of.

There aren't any such indexes really, mostly for historic reasons and because people don't care in mass.

The closest thing we've got something like this is the application permissions on Android, that is for mobile devices. When you install an app, it displays in black on white what permissions it requires for operation and it's up to you to approve or deny them.

It still is not an index of application hygiene, rather an index of operation scope and potential threat.

That kind of index if ever pulled off would in practice rely on trust and reputation of a publisher not to distribute secretly an update after the initial version has been presented and tested. The thing is that there is no working and widespread mechanism on consumer PCs to restrict an application or even see what it's doing. By widespread I mean a simple built-in mechanism available and understandable by an average Joe. Yes, there user groups, permission levels and so on but a normal user will get lost there. Something as simple as the mechanism on Android is not available.

We first need to put that sort of protection barrier on each and every PC only then that would that index make sense. Without that mechanism, everything is based on trust - you will trust big ones without an index but you won't trust the small players even with an index assigned to their products.

But a really interesting idea. Seriously. Both hands up.

  • Thanks for response. If we did have one, then one place at least that I think would benefit Open Source projects particulary would benefit because there would be less ambuguity about how to get them to build and run successfully for the non-expert common man and woman on the street. – therobyouknow Jan 23 '11 at 22:49
  • +1 thinking about it for a while, as you touch upon security - another area of benefit, as such residual temp files can reveal activity to an adversary. – therobyouknow Jan 23 '11 at 22:54
  • if you define the criteria in an answer then I could make this the accepted answer. – therobyouknow Jan 25 '11 at 16:18