Portable Apps - how safe are they ?
- Thread starter ng4ever
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Status
Portable apps are safe to use, when downloaded from a reliable source. Developers usually have portable builds readily available for their users (ie. CCleaner Portable (.zip)), otherwise PortableApps.com - Portable software for USB, portable, and cloud drives is a good place to start.
You can also create your own portable versions of installer-based software, and you can find them online.
- Software Protection, Software Licensing, Software Virtualization
- Evalaze application virtualization | evalaze
Avoid Portable versions of cracked commercial software such as Photoshop Portable as they may contain a nasty surprise. Adobe don't officially provide portable versions, so there is high chance it's pirated.
You can also create your own portable versions of installer-based software, and you can find them online.
- Software Protection, Software Licensing, Software Virtualization
- Evalaze application virtualization | evalaze
Avoid Portable versions of cracked commercial software such as Photoshop Portable as they may contain a nasty surprise. Adobe don't officially provide portable versions, so there is high chance it's pirated.
There are Portable Apps and Portable App(z).
Of course stay away from the last ones.
Of course stay away from the last ones.
Portable apps are as safe as any other software: they can be safe and reliable or might contain malware; it all comes down to the source of the software. The developer website and also Portableapps.com are good sources.
Portable apps are great,
pros
- you can "back up" them without using back up software (simply copy them to external disk)
- every files (settings, ...) stay in portable apps folder, sometimes in temp folder
- you can use them in different location (external disk, partitions, ...)
- no installer –> no PUP/PUA
- you can create your own portable versions, there are several programs you can use to achieve that (e.g. Cameyo | Teleport Your Software Anywhere)
cons
- some apps don't have official portable version
- or they have it, but you must dig through site
- or they are not "true" portable version (no installer, but they will create files outside apps folder)
- functions are more restricted (no integration to system)
- you have to wait to get latest version (e.g. using apps from PortableApps.com - Portable software for USB, portable, and cloud drives)
- usually – bad source (torrent, crack sites, ...) –> older/wrong app or even malware
reliable source:
- developer sites (e.g. CCleaner - Builds, Anti-Malware Download | Zemana, Bandizip - Download Free Zip Archiver to open ZIP, RAR, 7z files, Sysinternals Suite, ...)
- PortableApps.com - Portable software for USB, portable, and cloud drives
- open source apps usually have portable version
This is the most complete response. There are programs that are forced into being portable by a third-party. These are not always safe.
I have an 8gb pendrive crammed with Portable apps like google chrome and firefox.
Been using it for about 3 years with no virus warning or issues.
IMO its better than liberkey.
Been using it for about 3 years with no virus warning or issues.
IMO its better than liberkey.
)
I used to use Portable Apps for years but stopped using them as more and more programs can now be installed to just the users account not needing administrator privileges. Haven't used them for a couple of years now but so I'm not sure how they are and if they haven't improved or not.
Why is it so easy to infect a portable app.exe?
Well, there are several ways of infection, by including the overwriting of the code, replacing the files, adding code and breaking the code.
There are techniques of overwriting, which are very effective, because the change is permanent, and the file is corrupted
Any executable, when it is memory-mapped, has an EP (Entry Point) from which the execution begins, then it is possible to overwrite the one that is there, to the EP address.
Sure it is necessary to obtain this address.
All of the executable files have special headers that contain information, including an EP address.
For example, by entering a a shellcode that uses SEH, it runs the code. The Structured Exception Handler (SEH) is a mechanism that was implemented to mitigate the abuse of buffer overflows.
As you have already understood it is not difficult to create or infect a portable app, it is enough a good knowledge of programming in C\C++, Assembly and a knowledge of the general Windows architecture.
For this reason, you need to download these apps from reliable sources, and sometimes also the official manufacturer's website offers the portable version of the same software.
Well, there are several ways of infection, by including the overwriting of the code, replacing the files, adding code and breaking the code.
There are techniques of overwriting, which are very effective, because the change is permanent, and the file is corrupted
Any executable, when it is memory-mapped, has an EP (Entry Point) from which the execution begins, then it is possible to overwrite the one that is there, to the EP address.
Sure it is necessary to obtain this address.
All of the executable files have special headers that contain information, including an EP address.
For example, by entering a a shellcode that uses SEH, it runs the code. The Structured Exception Handler (SEH) is a mechanism that was implemented to mitigate the abuse of buffer overflows.
As you have already understood it is not difficult to create or infect a portable app, it is enough a good knowledge of programming in C\C++, Assembly and a knowledge of the general Windows architecture.
For this reason, you need to download these apps from reliable sources, and sometimes also the official manufacturer's website offers the portable version of the same software.
As long as they are downloaded from Trusted sources...
The sames holds for any App.
Like already said, if you use portable software, download them from trusted sources like PortableApps.com - Portable software for USB, portable, and cloud drives or LiberKey - Portable Applications
If they don't have them in their catalog, look at the official website of the software to see if they have a portable version available to download.
I personally use portable software a lot, especially if I try new software or use software that I don't need all day long. I like having a clean pc without too much unnecessary software installed.
If they don't have them in their catalog, look at the official website of the software to see if they have a portable version available to download.
I personally use portable software a lot, especially if I try new software or use software that I don't need all day long. I like having a clean pc without too much unnecessary software installed.
- Status
You may also like...
-
Why some apps want to install in appdata? (like Mullvad browser) - Is it safe?
- Started by aidunno
- Replies: 15
-
-
-
