Applications that write to the registry, are they portable?

Discuss anything related to portable freeware here.
Message
Author
User avatar
Andrew Lee
Posts: 3048
Joined: Sat Feb 04, 2006 9:19 am
Contact:

Applications that write to the registry, are they portable?

#1 Post by Andrew Lee »

I have created this sticky topic to discuss apps that writes to the registry, and whether they can be considered portable.

From time-to-time, a particular app that writes to the registry will provoke a fierce torrent of comments that I will try to redirect to this topic in the future, since I like to keep comments related to the workings of the application itself, rather than discussion about portability in general.

Generally, the comments falls into two camps. The "purists" loudly proclaims that any application that writes to the registry cannot be portable. The "free lovers", on the other hand, argue that any application that has no external dependencies can be considered portable, regardless of whether their settings are portable.

Rightly or wrongly, I have always taken the approach that if an application is likely to be used frequently, then it is important that the settings are portable as well. This includes things like editors, viewers, players etc. If an application is not likely to be used frequently, then the settings need not be portable. This typically includes diagnostic or data recovery apps.

For the app that triggered the creation of this topic, LSASecretsView, it is clearly a data recovery app, and as such I don't think portable settings matter that much, especially when the settings involve petty things like column visibility and sizing. I would like to think that when you need to recover certain information, you will be mighty glad you find something that gives you that information instead of worrying about column sizes and so on.

As with all things in life, there are lots of gray areas. Let me know your views, and we can work from there.
Last edited by Andrew Lee on Sat May 05, 2007 4:42 am, edited 1 time in total.

User avatar
teobromina
Posts: 172
Joined: Tue Jan 02, 2007 12:12 pm
Location: Spain

Ideal world does not exist

#2 Post by teobromina »

Andrew: I like the discussion you started with this topic.

I am in the 'army' of those that do not consider so bad that an app writtes on the registry. In fact I do not care too much about this particular. For me the most important thing is the 'portability' as we would define ethimologically: An app is portable if you can 'bring it' with you in any external support, able to run in different computers without loss of functionality (I do not expect that keep exactly all my former settings because I can change my mind from one session to another) and that Windows does not list it in the control pannel/install-uninstall apps.

Acording to this deffinition I see more valuable in terms of portability an app if it does not writtes at all any setting in any support, thus it is able to run from a CDRom (I name this 'ROMSOFT'), because in some cases you may find that the administrators try to destroy 'extrange' executable files, and they cannot do it if the support is not writtable.

*JT.

Crash
Posts: 11
Joined: Wed Feb 22, 2006 5:22 am

The purist vote

#3 Post by Crash »

I'm a purist. The primary reason is because application portability is not rocket science. Either an application will run without leaving any traces on the host system or it doesn't...period. I'm asked sometimes, "Why be so adamant?" My answer to that is because achieving portability is fairly easy. With relatively little work in the application's development, concessions need not be made.

I have an issue with using a somewhat formal classification--in this case: Portability--and then knowingly apply that classification to an application that in fact fails the criteria.

I guess that breeds the arguable point of "What exactly is portability?" I believe that altering a system outside of the portable media from which the application is run negates portability.

Either an application is freeware or it isn't. Either an application is portable or it isn't. Is portablefreeware.com devoted to Free and Portable or almost-Free and nearly-Portable?

Another school of thought would be that strict adherence to the Portable classification on this popular web site may provide application authors with motivation to write truly portable apps so they may be included here. We've seen a few examples of this already.

Just my $.02

cmmehl
Posts: 127
Joined: Sun Feb 19, 2006 7:26 am

#4 Post by cmmehl »

I tend to second Crash. In the ideal world, one would leave no traces at all on the host system, at least not those that are avoidable.

If one doesn't at least strive to that objective - why should we be fussy about *which* kind of registry entries should be permissible? The program settings are not allowed - but only because we're too comfortable (or lazy) to adjust them each time we start the program? If this is the case, then why not immediately add a few hundred more programs to the DB, all just extracted with UniExtract or similar ...

But since this world is not perfect, we will probably have to accept a few programs that will write a few lines to the registry. But: it should be clearly indicated in the description, and then the purists among us can take their decisions accordingly.

By insisting on clean standards, we can hope that more and more programmers will consider this wish and write *real* portable programs. Hopefully ... :-)

My 1,5 cts
Chris

opsimathic
Posts: 50
Joined: Sun Feb 25, 2007 12:12 pm
Location: Uganda

#5 Post by opsimathic »

I think we are rolling two concepts into one by insisting that applications must be "stealthy" (no registry writes or other detritus left behind) and "portable" (can be run off portable media on any suitable computer).

Personally, I am happy with an application being just "portable" even if it is not "stealthy." However, I do like to know if an app leaves a huge footprint behind and I place a higher value on applications that are both portable and stealthy.

Perhaps we need to grade the applications accordingly. Grade A could be portable AND stealthy, Grade B could be just portable, and Grade C could be the rejects. Such a system would, of course, increase the load on our already overworked moderators but it would allow the purists to easily identify their applications without unduly restricting the choice of apps for someone like me.

In reality, the database gives this information for most applications already without the added overhead of a grading system which would, of course, lead to ongoing debates about whether a app is correctly graded.

Perhaps best to leave the situation as now.

My 2 cents.

/opsimathic

tripex
Posts: 16
Joined: Tue Aug 08, 2006 10:51 pm

#6 Post by tripex »

First thanks to Andrew to open a discussion in the forum and a sorry for cluttering the application section!

I have no desires or opinions for or against the triggering application LSASecretsView, I don't even know, what it exactly does. My opinion is based on principle and I don't make exceptions regarding how frequently an application might be used, because this is also personally.

Portable software needs at least the feature of independency. It might read from registry or ini files as long it does not need it to work.

I see 3 distinct groups of portable software

writes nothing
writes ini file(s), but ONLY in the application folder
writes in registry (discutable whether portable or not)

I vote to list on your site called portablefreeware only the first 2 ones and reward the very first with extra comments or a symbol and discard the rest OR put them in an extra section OR clearly attach a big warning sign, not only a text. Software that writes anywhere outside of the app folder (even if changable via settings) should also carry this big warning sign.

My basic intention is to encourage software producers to make their software consciously "highly portable" and not only portable as a byproduct.

User avatar
usdcs
Posts: 175
Joined: Sat Jun 10, 2006 11:54 am

#7 Post by usdcs »

I could see a three-tiered rating system - maybe using a traffic light as the icon?

Red = "Accepted as Portable" That is, that it uses the Registry but, it doesn't overly affect the usage.
Yellow = Portable. It might touch the Registry but, is definitely portable.
Green = Stealth. No traces left on the host machine at all.

I prefer Stealth programs myself.

Regards,
Dan

tripex
Posts: 16
Joined: Tue Aug 08, 2006 10:51 pm

#8 Post by tripex »

Why so blurry definitions like 'overly affect the usage' or 'likely to be used frequently'? It's just food for further discussions.

As I see the discussion going on the most purists just want to see non-stealth portable software (thanks to opsimathic for the clear distinction) more clearly marked as non-stealth software for themself or to encourage software developer to make their products non-stealth.

Chris
Posts: 106
Joined: Sun Dec 03, 2006 10:08 am

#9 Post by Chris »

For some people definition of portable is vary, some say portable app is app that doesn't need any installation to run; some say it's application that can be conveniently used on another computer (own setting can be easily used on other computers); for some it's an app that doesn't write any info to the host.
I surely suggest to make consistent naming to prevent future misconception, I guess everyone agrees that one feature of portable app is: no need for installation, so perhaps:
1. Stealth\ Clean Portable: Doesn't write any info in the host system.
2. Semi-Stealth\ Semi-Clean Portable: Does write settings to registry but delete upon closing. Using Regrapper, FoxitReaderV2.0 Portable.
3. Non-Stealth\ Dirty Portable: Leave info into the host computer.
And whether the setting can be carried is called something like.. porting settings or data?

Note: Usually no 1 & 2 has "porting settings" (some no 1 apps don't need any settings at all). And some apps have option to be no 1 or 3 (option to write settings to .ini or registry).
Also nowadays almost all Non-Stealth Portables\ Dirty Portables can be converted to Semi or Stealth Portables using virtualization or other method.

tripex
Posts: 16
Joined: Tue Aug 08, 2006 10:51 pm

#10 Post by tripex »

I fully agree towards strict and easy to follow definitions if it comes to grading. It seems not too hard. Here my suggestion:

category 1: running from external write protected devices, stealthy EVEN in the case of a crash
category 2: running from external writable devices, stealthy EVEN in the case of a crash
category 3: running from external writable devices, not stealthy

additional notes:

Independency: In all 3 categories I assume no installation is necessary and max. 3 additionally downloadable public DLLs. But they must be recognized within the app folder. Personally I would discard all Java or .NET dependent software, because it's not really portable.

Fixing towards higher portability: There are apps, where you can chose, wheather you want to save settings in the registry or in the ini and/or where the ini is saved. Also there are apps like Miranda, where you can or have to edit the ini first to avoid writing to the documents and settings folder or maybe to the registry. For simplicity I would treat and grade all apps strait out of the box. But you could mention any fix you know. But that should not "draw" category 4 apps on this web site.

InstallShield: First I didn't like these apps on this site, but as long there are portable extractors like UniversalExtractor available it's arguable assuming it works straight out of the box (exept 3 more DLL's) and without copying anything outside of the app folder.

OS: I would set the standard to WindowsXP + actual SP (2) but without Java or Net. When Vista becomes more popular this can change. That could affect the amount of additionally needed DLLs. So if an app under Windows95 needs 4 additional DLLs - no listing.

Stealth: Software like obviously OperaUSB that writes during its running to the host (registry or file), but will delete it after closing (even completely) is according my suggestion only category 3 because it doesn't fulfil the crash condition or the (absolutely) stealthy condition.

BTW: What is Regrapper? That kind of tools which is used to turn an application artificially to be portable like on portableapps.com, that catches registry operations and transforms them to file operations in the background? I always thought these PortableApps like FirefoxPortable are stealthy EVEN in the case of a crash, aren't they???

Personally it is much more important to see a borderline between category 2 and 3 than between category 1 and 2 so I would not mind only a "is or is not stealthy" grading.

User avatar
Andrew Lee
Posts: 3048
Joined: Sat Feb 04, 2006 9:19 am
Contact:

#11 Post by Andrew Lee »

It seems to me there are three distinct topics discussed here:

- Stealth
- Application portability
- Settings portability

Most of you who have stuck around here long enough would know I don't really care one way or another about "stealth". Even a commercial platform like U3 doesn't promise stealth. In addition, certain Win32 calls will indirectly modify the registry eg. the MRU entries of the open/save dialog, DirectX apps etc. How do we classify those?

I guess the baseline criteria for a portable app on this site is "application portability". If an application has external dependencies, then it cannot be portable. But even this criteria has a lot of gray area. Some apps depend on VB, OCX (register on demand), Python, Perl, GTK+, GDI+, DirectX, newer MSVC or MFC DLLs etc. Are these portable? If an app bundles a private Java runtime, is it portable?

Then we have "settings portability". As we can see from some of the replies, some people care about it, some people don't. I have taken the view that for some app, it matters; for others, it doesn't. But there is still gray area here. For example, CD burning apps. Most CD burning apps will store config info about the CD writer hardware. Surely it doesn't matter these are not portable, since it is unlikely you will have the same CD writer across different machines. But what about other settings (eg. you always like to turn off Joliet for new projects)? For some, it does matter that these settings are portable.
Either an application is freeware or it isn't. Either an application is portable or it isn't.
Somehow, the sentences above keeps reminding me of George Bush's "Either you are with us, or you are against us. :D

It would be nice if we live in a black-and-white world, but we don't. There are lots of gray area in everything we do. For example, check out this thread where we went into a convoluted discussion about whether an app that pops up a message can be considered "freeware". Other examples come to mind: Is postcare-ware freeware? How about apps that are only free for personal use? How about a "liteware" app that displays an ad for its payware brother?

tripex
Posts: 16
Joined: Tue Aug 08, 2006 10:51 pm

#12 Post by tripex »

Well Andrew, finally it's your site. But I really can't see, why not putting a big "non-stealth" to non-stealth applications. I guess, this would satisfy the mass of purists and decrease related comments.

MRU: Of couse no application is 100% non-stealth, but you could extend the definintion to avoidable entries, like sombody already noted.

dependencies: Personally I would discard completely all these apps which are dependent from special software additionally installed. Therefore a simple and smart standard system should be defined.

settings portability: Personally I don't differ between writing to the host for the purpose of saving settings or for other reasons. I would have no problems with CD burners as long they have the non-stealth tag.

My care about stealth is less the fear of loss of privacy than the chance to let run my portable software on a very right-restricted host with write-protected registry or partitions.

freeware: I don't know if there are many comments about this, but maybe it's worth to discuss this as well. Basically I see freeware as software with the basic intention of the author NOT to make money with it. Because as soon there is the wish of money in the background the software becomes annoying in many different ways.

User avatar
Andrew Lee
Posts: 3048
Joined: Sat Feb 04, 2006 9:19 am
Contact:

#13 Post by Andrew Lee »

Well Andrew, finally it's your site. But I really can't see, why not putting a big "non-stealth" to non-stealth applications. I guess, this would satisfy the mass of purists and decrease related comments.
I don't have a single field that says "Non-stealth", but in the "Write settings to" field, I do note down registry writes if I find any. It's not as if I try to hide anything. It's all there for people to see.

But if you look at the comments, the purists say I shouldn't list such apps in the dataabse! To them, registry writes = not portable, which I disagree with.

For example, some apps use 3rd party controls that for some reason writes some values to the registry. But these values are not associated with any of the app settings, and can't even be changed via the app interface.

In fact, for some controls, once the entries are written to the registry, they never change! But the purists say, no, such apps cannot be classifed as portable and hence should not be added to the database.
freeware: I don't know if there are many comments about this, but maybe it's worth to discuss this as well. Basically I see freeware as software with the basic intention of the author NOT to make money with it. Because as soon there is the wish of money in the background the software becomes annoying in many different ways.
This doesn't resolve all the edge cases that has been discussed elsewhere in the forum eg. liteware that advertise their payware cousin, or apps that urge you to donate once in a long while (eg. every six months). Search the forum and you will see it is a popular subject that pops up from time to time.

Chris
Posts: 106
Joined: Sun Dec 03, 2006 10:08 am

#14 Post by Chris »

*About MRU perhaps could be categorized in new category? Or put it in the non-Stealth category while stating that it writes to MRU or others history keys. And I think there are apps that have feature to delete this history entries.
*For application portability I guess it could be considered portable if users only need to copy some dll files to the application folder (not when user needs to install run-time or softwares). I personally don't mind with just copying few files, but I believe some people don't agree, so perhaps new category for people who want stay away from this kind of apps? But this also depends on the user's OS.
*The settings, I think as long as user can save their settings could be categorized as Portable Setting.
*I think most people don't really care if it's postcard-ware or donation-ware, as long as they can use it without annoyance.

So overall, perhaps...

Application Portability:
1. Stealth : Doesn’t leave any info in the host PC
2. Partially Stealth : Remove info in the host PC when the app is closed
3. Partially Non-Stealth : Leave MRU, Cryptography, things that are not settings
4. Non-Stealth : Leave info

Application Dependencies: (Based on OS?)
1. Independent : Can be run without any additional files or run-time
2. Partially Dependent : Needs to copy some files inorder to run
3. Dependent : Needs to install software or run-time

Settings Portability:
1. Portable Setting : The setting can be easily transferred
2. Non-Portable Setting : The setting is not portable

Freeware Status:
1. Freeware : Fully freeware
2. Partially Freeware : Donation, postcard, advertisement, but doesn't nag
3. Nagging Freeware : Nag users for donation, advertisement, etc.
4. Personal-Only Freeware : Freeware for personal use only

Like I said, perhaps "Application Portability" no 3, can be categorized as no 2, but needs to be stated, besides not many software listed here that has wrapper. And I don't like "Application Dependencies" no 3, but can be useful for some people.
Hope this could give some ideas.

LordHellraiser
Posts: 1
Joined: Thu Apr 26, 2007 12:55 pm

My two cents...

#15 Post by LordHellraiser »

Well I really don't like to write so much... but I wanna share what I've doing since the first time that I visit this page long time ago...

The applications that writes in several sites on the HDD are a pain in the a$$, but the ones who only writes in the registry are piece of cake... at least for me.

I'll use as a example "Cerberus FTP Server" wich is a freeware and only writes settings to the registry, but I paid for it since is not for "personal use", so I need to carry my License/users/settings/etc

To much bla, bla, bla... just do this (any application):

1. Install the application (don't run it)
2. Open any registry editor (the one boundled with windows will work just fine: click on "START", click "Run...", type "Regedit", hit enter)
2. Check this roots in the registry (since all or almost all applications write its settings in here):

Code: Select all

	a) HKEY_CURRENT_USER\Software
	b) HKEY_CURRENT_MACHINE\Software
3. Run, configure and close the application, see what have changed in the registry.
4. Export the root(s) that were created (in case of Cerberus) "HKEY_LOCAL_MACHINE\Software\Cerberus FTP Server" (Menu "File", command "Export", give a name (like settings.reg) and save the file in the folder where the application was instaled).
5. Close regedit and go to that folder.
6. Make a .BAT file in the folder with this lines (in case you don't know much about BAT files lines starting with "rem" are comments):

Code: Select all

    rem 1) This line turn echoing off, in others words you won't be able to see "console output"
    @echo off
    rem 2) This line will import into the registry the settings that we previusly exported
    regedit /s settings.reg
    rem 3) This will start the program, don't forget to enclose betwen quotes if there are spaces in the name
    Cerberus.exe
    rem 4) This line will delete the settings file previusly imported in order to...
    del settings.reg
    rem 5) Import again the settings (in case have changed)
    regedit /ea settings.reg "HKEY_LOCAL_MACHINE\Software\Cerberus FTP Server"
    rem 6) Import one last file into registry to erase the settings left.
    regedit /s unreg.reg
7. Make a unreg.reg file containing this two lines:

Code: Select all

    REGEDIT4
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Cerberus FTP Server]
8. Copy the folder where the application was installed to a USB/Optical Media and uninstall from your PC

The steps 4 and 5 in bat file are optional in case you don't want back any data from registry... or step 2 may be optional too if you only want to clean the data left for an application. You can even do more tasks with the bat file like clearing out a Log file or may be a folder with temp files... it's your choice and deppends on the app.

Now you got a portable app who doesn't leave "trash" in registry plus you'll allways get your settings (in case you need it). From now on you only need to call the .BAT file, and of curse DON'T CLOSE IT, it'll close automatically when the the job is done... If you don't like the "ugly" black window from the command line interpeter you can google for a "bat2exe compiler", but the answers are pretty limited, my choice was "Quick Batch File Compiler" from "Abyssmedia" this tool actualy *hides* the command line window meaning that is still there, and you application too... so there are a big list of parent-child applications. IE (Cerberus):

(from Quick Batch File Compiler) start.exe -> (the command line itself, hidden but still in there) cmd.exe -> (final application) cerberus.exe

So if there's someone with a better idea that this (to hide command the line interpreter window)... write back.

Hope this helps someone... I just register myself to share this little idea that have worked for me.

PS: I use this with A LOT of applications who aren't "portable"
PS2: The good think is that "I don't like the bla, bla, bla..." lol

Edit: Just misstypes

Post Reply