Clarifiying Stealth: Yes, No, and a 3rd option

All suggestions about TPFC should be posted here. Discussions about changes to TPFC will also be carried out here.
Message
Author
User avatar
JohnTHaller
Posts: 714
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY
Contact:

Clarifiying Stealth: Yes, No, and a 3rd option

#1 Post by JohnTHaller »

I had some thoughts on the Stealth listing and wanted to get some other folks thoughts and spark a discussion. The Stealth line for entries is usually a simple Yes or No. Yes when the app leaves nothing behind. And No when it does leave things behind. There are quite a few apps that fit a 3rd option, though. Essentially, "No, But Yes when you do X". It wouldn't make sense to list these as a straight Yes as some additional steps need to be taken by the end user and a Yes may make folks who skim think that it is stealth by default. A No doesn't make a whole lot of sense for the same reason of folks who skim as the No stealth entries often simply list what is left behind.

As an example, look at Process Hacker: http://www.portablefreeware.com/index.php?id=1934

It is not stealth by default. But is if you launch it with the -nokph parameter and avoid using Help - Check For Updates.

For entries like these, perhaps it would make sense to have 3rd consistent option. Perhaps the stealth entry begin with "Not by default, but becomes stealth when" in bold perhaps. That way when skimming an entry it's easier for a regular site visitor to see if an app CAN be stealth even if it is not by default.

Thoughts?
PortableApps.com - The open standard for portable software | Support Net Neutrality

Jami
Posts: 9
Joined: Sun Jun 10, 2007 12:14 pm

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#2 Post by Jami »

Thoughts?

Things must be slow over at PortableApps.

User avatar
Napiophelios
Posts: 610
Joined: Sun Mar 01, 2009 5:48 pm

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#3 Post by Napiophelios »

I personally only want to see two options
option #1: Is it Stealth? YES.
option #2: Is it Stealth? No. It leave several empty folders in the user profile directory...etc.

There should be no simple "no" entries at all.
If you are answering the question you should be able to state specifics as to what is left behind.
This makes it easier for the user to weigh their options as to whether they should use the application or not.
Also,when an app is updated it helps if you know in general what to expect for when testing the upgrade for portability.
Also,lots of people are using lots of different OS each with its own unique set of traces left behind when using "dirty" portables.
Just skimming through the comments section you usually find such information.
Unfortunately I dont know anyone who has that kinda time to sift through all that and test and update each DB entry.

I dont know what all the rufus-er ruckus is about..though
I dont get upset when some one like you comes along and tries to help out a little.
I think some people just dont like you Jon and they will let you know whenever they can
no matter how foolish and little it reveals them to be..and no matter how often it has to happen.
I mean sheesh..Jami has only talked 8 times in the last five years and bam number nine is your ass dude hahaha :lol:

I do see the source though,I think.
This is a fun place for mostly hobbyist I think and alot of it is maintained by these very same people
Sure this site would benefit the user if there was a more strict "standard" but its constantly evolving and growing
and quite frankly its what makes this place cozy for me...But every time you talk its almost always about rules and structure and form and not every one values that stuff...I think they think maybe you are the portable police always harping about the law an such
I dont know...I like your resilience but sometimes I think you are justing trying to get a rise outta people
at the same time it doesnt hurt having someone out there trying to keep you on the straight and narrow either

WTFever those are my heathenistik thoughts for the day.
god bless this frikkin mess.
peace out noogies :mrgreen:



EDIT:

PostScript:
I think its fine to have a PAF alternative but if available the "Website" link should always be reserved for the software's original site not PA.com

User avatar
JohnTHaller
Posts: 714
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY
Contact:

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#4 Post by JohnTHaller »

Napiophelios wrote:There should be no simple "no" entries at all.
If you are answering the question you should be able to state specifics as to what is left behind.
This makes it easier for the user to weigh their options as to whether they should use the application or not.
I wasn't advocating for simple No entries. A no should state what is left (example: Registry key HKCU\Software\AppNamer). I was saying that there are some apps that ARE stealth if you configure them the right way, but are not stealth by default. The example being Process Hacker. By default, it's not stealth. But, if you configure it right (launch it with a parameter and don't use the update function), it's stealth and leaves nothing behind without needing a wrapper to clean up after it. I think folks would appreciate it being easier to see quickly if an app works like that.
Napiophelios wrote:I think its fine to have a PAF alternative but if available the "Website" link should always be reserved for the software's original site not PA.com
This suggestion/topic has nothing to do with PAFs or other alternative listings at all. It's simply to make existing listings of 'native' portable apps more helpful so folks can quickly determine if a given app does what they want. It could even be helpful to have a 3rd option so users can search on it later if Andrew enhances search so a user could search for stealth browsers, for instance, and not have the ones that are stealth as long as you configure them right excluded from that sort of search.
PortableApps.com - The open standard for portable software | Support Net Neutrality

User avatar
Userfriendly
Posts: 430
Joined: Tue Nov 27, 2012 11:41 pm

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#5 Post by Userfriendly »

Yes, No, Maybe So. Sounds good to me. Maybe there should be 4 options. Like 'stealth by default, but not when checking updates b/c writes to registry blahblah' and 'not stealth by default, but it is when run with -argument/batch command yada yada'

User avatar
I am Baas
Posts: 4150
Joined: Thu Aug 07, 2008 4:51 am

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#6 Post by I am Baas »

@JohnTHaller

WTF?
2013-01-15_PH JTH Update.png
Did you place the same comment here or in any other PA.com application page for that matter?

I proceeded to remove this unnecessary comment.

BTW, I did find entries in the Internet Cache after running your package even though I did not check for update.

User avatar
JohnTHaller
Posts: 714
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY
Contact:

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#7 Post by JohnTHaller »

I am Baas wrote:WTF?
2013-01-15_PH JTH Update.png
What's the problem? If you check for updates, it leaves behind an IE cache file. Most apps will not do this when they check for updates as they'll call the wininet API with caching and cookies turned off (as they should). Some users will be concerned about that. Note that it's not launching a web page, it's an internal check in the app itself, so a user concerned with stealth may assume that it isn't leaving behind traces on the local machine.
I am Baas wrote:Did you place the same comment here or in any other PA.com application page for that matter?
The Process Hacker Portable launcher waits for Process Hacker to close and then cleans up the entry.
I am Baas wrote:I proceeded to remove this unnecessary comment.
Why is an accurate mention of how an app is not stealth and how to avoid the non-stealth behavior unnecessary?
I am Baas wrote:BTW, I did find entries in the Internet Cache after running your package even though I did not check for update.
I can't reproduce this on a clean Windows XP image. If you do see it, that would be a bug. What OS did you see it on?

I was going to switch Process Hacker Portable to be a launch and exit launcher with today's release. We do that with PortableApps.com apps where the launcher doesn't need to clean up, essentially making it an advanced shortcut (with path portablization, etc) rather than what folks think of here as a wrapper. While updating it I realized that we couldn't since we need to clean up the URL entry on exit of Process Hacker. As I did that, I realized the entry for Process Hacker here at PFC was incomplete and added the information I had, including how to avoid leaving tracks. I figured folks would appreciate the additional details on how to keep it stealth.
PortableApps.com - The open standard for portable software | Support Net Neutrality

User avatar
I am Baas
Posts: 4150
Joined: Thu Aug 07, 2008 4:51 am

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#8 Post by I am Baas »

JohnTHaller wrote:
I am Baas wrote:BTW, I did find entries in the Internet Cache after running your package even though I did not check for update.
I can't reproduce this on a clean Windows XP image. If you do see it, that would be a bug. What OS did you see it on?
Win 7 64-bit, but I now suspect it's a Sandboxie issue. I shall do a few more test later on today and report back.

Also, thank you very much for explaining, I can now see how your edit was significant after all... I will undo the change.

User avatar
JohnTHaller
Posts: 714
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY
Contact:

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#9 Post by JohnTHaller »

I am Baas wrote:Win 7 64-bit, but I now suspect it's a Sandboxie issue. I shall do a few more test later on today and report back.
Ah, we've had devs run into this with Sandboxie before. If you happen to figure out a reason why it happens in some instances but not others, please let us know, as I haven't figured it out. And if we can somehow detect Sandboxie and work around it in the PA.c Launcher the way we've worked around Wine issues in the past, it would help with both use and testing.

For exhaustive testing, I keep clean images of Windows 2000 through 8 on hand with only critical or critical+recommended updates applied (whatever the OS sets it as during initial install). It's very useful for testing but beyond most devs in terms of financial or machine resources (protip: an MSDN account gives you development licenses for everything at far less than retail and VirtualBox or VMWare will do a good job of letting you snapshot each VM at a given point). I wish there were an easier way to give all devs a way of tracking things effectively without the need for clean VMs, but we've run into some sort of issue with everything we've tried, either technically or legally. If we can figure out a low-impact way to reliably test for portability, I think it would help everyone involved.
I am Baas wrote:Also, thank you very much for explaining, I can now see how your edit was significant after all... I will undo the change.
You're welcome. And thank you for taking the time to read the explanation and rooting out the Sandboxie issue.
PortableApps.com - The open standard for portable software | Support Net Neutrality

User avatar
SYSTEM
Posts: 2041
Joined: Sat Jul 31, 2010 1:19 am
Location: Helsinki, Finland

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#10 Post by SYSTEM »

Eh, AFAIK leaving files in IE cache doesn't affect stealthiness. See http://www.portablefreeware.com/forums/ ... =2&t=17710.

Regarding the topic, I like Userfriendly's suggestion.
My YouTube channel | Release date of my 13th playlist: August 24, 2020

User avatar
Midas
Posts: 6710
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#11 Post by Midas »

I like the binary YES / NO option, complemented with further/proper specification for whatever else in the entry's notes...

Having said that, it's time to declare yet again that "I'm not a stealth purist". ;)

User avatar
JohnTHaller
Posts: 714
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY
Contact:

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#12 Post by JohnTHaller »

Userfriendly wrote:Yes, No, Maybe So. Sounds good to me. Maybe there should be 4 options. Like 'stealth by default, but not when checking updates b/c writes to registry blahblah' and 'not stealth by default, but it is when run with -argument/batch command yada yada'
Maybe so is kinda funny. But you're right, a simple "Maybe. Appname is stealth if you run it with the -pleasebestealth commandline parameter and avoid using the TotallyNotStealth function." It could also be something like "Yes, but only if..." or "No, unless you...". I guess it depends on whether you are a glass half full or glass half empty person. :)
SYSTEM wrote:Eh, AFAIK leaving files in IE cache doesn't affect stealthiness.
Maybe if an app leaves something less important like cookies or cache files in IE, something like "Mostly" would be more appropriate for the stealth line. Or, if PFC's definition of stealth isn't concerned with IE traces, something like "Yes, but does leave one IE cache file." That way it's saying Yes since it meets the definition but still including the info for a user who might care or be curious.
PortableApps.com - The open standard for portable software | Support Net Neutrality

User avatar
guinness
Posts: 4118
Joined: Mon Aug 27, 2007 2:00 am
Contact:

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#13 Post by guinness »

Lets face facts, there is never going to be a 'truly' Portable application given the nature of Windows.

My definition for Stealth is when an application doesn't purposely save data outside of its own directory or if it can take preventive measures to stop it doing so. Take for example the "Windows HTTP Services", is this the application or Windows which is at fault? Windows, I would say.

User avatar
JohnTHaller
Posts: 714
Joined: Wed Feb 10, 2010 4:44 pm
Location: New York, NY
Contact:

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#14 Post by JohnTHaller »

guinness wrote:Take for example the "Windows HTTP Services", is this the application or Windows which is at fault? Windows, I would say.
I hear you. But with the example of WinInet, I'd argue it's the app. It's just as easy to call the API to download a file passing it the parameters to disable caching/cookies as it is to call it without. Windows leaves it up to the app, depending on the functionality it needs. In the case of an app that is coded to be portable and billed as such, it should call the API with caching/cookies disabled.
PortableApps.com - The open standard for portable software | Support Net Neutrality

User avatar
I am Baas
Posts: 4150
Joined: Thu Aug 07, 2008 4:51 am

Re: Clarifiying Stealth: Yes, No, and a 3rd option

#15 Post by I am Baas »

@JohnTHaller
I did not have much time to test ProcessHacker Portable yet but I am fairly certain it's a Sandboxie issue.
ProcessHacker Portable.png
ProcessHacker Portable.png (7.6 KiB) Viewed 28868 times
This only happens when I run the application sandboxed.

Post Reply