Should wrapper apps really be marked as Stealthy?

Message

redllar · #1 Post by **redllar** » Thu Aug 02, 2007 6:39 am

Not to single out this particular wrapper, but I just saw the posting of the "ExplorerXP Portable" wrapper, so I thought I'd raise this concern of mine about it, and others of its kind, as being marked as Stealth.

Because imho you're potentially doing harm to those who aren't saavy enough to know how these wrappers work, since they aren't stealthy while the app is running. You're also mixing these wrappers in with apps that were designed and coded as stealthy, which I also think is not a "good thing."

So how about a Barry Bonds-like marking for these wrapper apps, Stealth* instead? With a side note for the * indicating that if the system or app crashs then your settings, etc., will be left on the machine and it will be up to you to remove them by re-running the app and getting it to close down successfully?

Just a thought to make your life here more unbearable.

chezduong · #2 Post by **chezduong** » Thu Aug 02, 2007 7:44 am

I voted NO. I think that wrapper apps make the original app "portable", but not "stealth".

Don't get me wrong. Let me tell you why.

I love www.portableapps.com, especially OOoPortable and Firefox Portable. And I know that John T. Haller works hours and hours to make Firefox Portable work portably and as stealth as possible. BUT, for some reason, Firefox Portable still leaves registry keys HKLM\Software\Mozilla.org. And when you install new Addons or when you upgrade versions, a Mozilla folder is left in the User Profile\Apps folder (or something like that). And of course when you upgrade versions, you also have to ensure that there are no additional registry keys left and no major changes to the files left behind, etc. And then there is of course the "blue screen of Death" which leaves everything behind.

In short, there are about half a dozen different times when the wrapped app may still leave something behind. So it's better to "Just don't do it", rather than do it and clean up.

So my conclusion is that wrapper apps make apps "portable", but not "stealth".

Having said that, I use Firefox Portable and OOo Portable every day, and love them.

zikarus · #3 Post by **zikarus** » Thu Aug 02, 2007 8:15 am

The user should know what the wrapped app leaves behind used 'normally'. The hint that it might not be stealth anymore when BSOD etc. occurs should be mandatory too...

Conclusion: Why not have three categories:

1. Stealth
2. Stealth unless an error occurs
3. Leaves behind....

m^(2) · #4 Post by **m^(2)** » Mon Aug 06, 2007 12:28 am

They should. But I don't think that stealthy is a good word. Usually I don't care about app being stealthy. But I hate leaving things behind or interfering in host machine's settings (even if it's only a MRU list). I would just call them "clean".

#5 Post by **Andrew Lee** » Mon Aug 06, 2007 6:29 am

This is an interesting question which has been raised here before.

If you want to be really hardcore about it, very very few apps will classify as "stealth". In particular, Windows itself records a number of MRU settings eg. when common file dialog is called, and if the app uses DirectX, even more stuff are written to the registry.

In fact, I posit that if an app is 100% stealthy, it is either 1) not very interesting, or 2) actively removing traces of itself from the OS, which is rather unusual.

For the casual user, if running the wrapper again after the crash cleans things out, I don't think it's that big a deal frankly.

For the _really_ hardcore user (which runs TrueCrypt and SSH tunneling and keylogger detectors), I am pretty sure he or she will be quite knowledgeable and doing his own testing if he really wants to be stealthy, don't you think?

Ttech · #6 Post by **Ttech** » Sat Sep 08, 2007 8:44 am

Someone explain the stealthy thing? It sounds like something bad...

m^(2) · #7 Post by **m^(2)** » Sat Sep 08, 2007 2:54 pm

It is definitely a good thing. It means that you don't leave any settings or temporary files on a host machine.

naitse · #8 Post by **naitse** » Fri Apr 04, 2008 10:14 am

Like the subject says, how can i know if the portable application left behind a registry key or something, cos here in my job is forbbiden to use the msn live messenger, and we got an inventory soft that cheks if something in the pc had changed, hardware and software... obviously registry keys... so.. there is some tool to check what left behind the PA (portable app

) ???

Napiophelios · #9 Post by **Napiophelios** » Tue Aug 10, 2010 5:11 am

naitse wrote:Like the subject says, how can i know if the portable application left behind a registry key or something, cos here in my job is forbbiden to use the msn live messenger, and we got an inventory soft that cheks if something in the pc had changed, hardware and software... obviously registry keys... so.. there is some tool to check what left behind the PA (portable app ) ???
OwenWozney wrote:Does anyone have an answer to naitse's question? I want to know the same thing.

Regshot
My personal fave in TPFCollection

What tools do you use to test Portability?
a good little thread on the subject...

-.- · #10 Post by **-.-** » Tue Aug 10, 2010 5:16 am

i've used jpe with firefox portable... the combination seemed to keep it stealthy... I can't guarantee it since I'm not great at using jpe and already had things written to system.

MiDoJo · #11 Post by **MiDoJo** » Tue Aug 10, 2010 12:14 pm

Initially I was going to say no, but Andrew makes a very good point, that if crashed the wrapper apps (most of which I believe are jhaller "Portable App" apps) will cleanup the next time.

I was going to suggest adding a new catagory under stealth as wrapper (i.e. Yes, No, Wrapper) but this seems a bit silly as it would single of mostly "portable app" brand apps and may cause confusion (as can be seen in this thread with people asking what stealth is, though it's been discussed here before. . . that was not a slight at anyone nor saying that they should have this knowledge just because we've talked about it before, I'm just observing).

perhaps atr least something should be said that some wrapper apps which can use plugins (Mozilla apps for instance) may lose their stealth (or even portablility) based on the plugins added.

JohnTHaller · #12 Post by **JohnTHaller** » Tue Aug 10, 2010 1:14 pm

MiDoJo wrote:Initially I was going to say no, but Andrew makes a very good point, that if crashed the wrapper apps (most of which I believe are jhaller "Portable App" apps) will cleanup the next time.

All PortableApps.com apps will clean up properly even if the portablized app crashes. The launcher runs in a separate process (since it is a separate EXE) so, even if Firefox.exe were to crash, for example, and generate crash reports, FirefoxPortable.exe would still remove the crash reports and restore the local Firefox files to their pre-run state. Same with an app that stores in the registry or elsewhere in APPDATA.

If you encounter an instance where they do not, please report it as a bug in the Firefox Portable support forum (or appropriate forum for the given app) with details on how to reproduce it so we can fix it.

SYSTEM · #13 Post by **SYSTEM** » Tue Aug 10, 2010 1:19 pm

I have always understood stealth this way:

Stealth application itself doesn't write to the registry.

If an application writes to the registry, it is not stealth, no matter if a wrapper reverts the changes on exit. On the other hand, if an application causes registry writes indirectly by, for example, using file dialog, it may still be stealth.

There are of course exceptions as well. For example, in my opinion

Registry Commander is stealth. It is supposed to write to the registry and it only writes what the user requests.
CPU-Z is not stealth. Because it temporarily loads a driver, it causes more registry writing than stealth programs.

One problem with wrappers is that having regular and wrapped application open simultaneously (by mistake, of course) can cause quite unexpected behavior. Depending on the order the copies of the application are closed, even data loss may occur. By contrast, a stealth application never stores its settings in the same location as its non-portable counterpart (if there is one), not even temporarily.

lyx · #14 Post by **lyx** » Tue Aug 10, 2010 8:52 pm

I vote for explaining what an app does, instead of trying to "catch-it-all" with a single term that may mean different things depending on the application and reviewer. Think of stealth as a category in which an app is rated, not a value. That doesnt need to involve lengthy explanation - simple to understand short phrases were already proposed in this thread.

guinness · #15 Post by **guinness** » Wed Aug 11, 2010 12:25 pm

I have always perceived the Stealth option to relate to the native application and not the wrapper, because the wrapper has the potential to crash.

The Portable Freeware Collection Forums