I remember PortableApps.com fondly from my childhood, I spent days building and customising USB sticks with auto-launching menus and all of the tools and utilities I could ever need. Getting a bigger USB stick was always fun as I could put more stuff on there.
I used to enjoy just browsing the app list to find out about new software I'd never heard of.
Having not run Windows for most of my adult life, I haven't used it or even remembered it exists for a long time, I'm glad to see it's still doing well.
I enjoyed that too. Mac user at home, but school only had Windows 2000 PCs with IE5, Office and not much else. Meanwhile I carried around my USB drive with Firefox (tabs and bookmarks!!) and Open Office so I could then edit the same docs on my Mac at home. I was always in fear of one day the IT dept figuring out how to block it.
Glad it helped you out in your youth. You can still play around with it under Wine if you're a Linux user. And I'm prepping a Mac package with a Wine variant.
I created a simple tool folks could run locally to auto-run their PA.c drive on their PC. But you could just set Windows to open Explorer to the drive contents automatically and then double-click Start.exe, so it wasn't a huge inconvenience. And soon after we started working with cloud drives, too. And local. So it gradually became less relevant anyway. I even ditched the old autorun.inf files since some folks didn't know how to rename their drives after.
I never touched ZIP drives, went straight from floppies to USB sticks and CDs, I think I remember first using floppies to "upgrade" my Olivetti PC from DOS to Windows 3.1, was several diskettes, mid to late 90s perhaps? I was single-digit years old at the time.
PortableApps.com is where I started programming back when I was 11 years old in 2008.
The community completely changed my life. I learned a lot about writing software on forums and the IRC channel from numerous people that were just willing to give advice to a stranger. I'm glad this community is still alive.
I proudly say my first programming language is NSIS. (The Windows scripting language most wrappers on the site are written in.)
… and I proudly say that I saved another generation from having to wrangle with NSIS, and all the copying and pasting of obscure and buggy code that was endemic, by writing the PortableApps.com Launcher!
(I’d probably write the PortableApps.com Launcher in Rust these days, though you’d have to be careful to avoid things like bringing in Unicode tables, and put more effort than usual into shrinking things. Rust has been my favourite language since 2014 now. But I would consider Zig seriously too, though I’m not familiar with it or its Windows API interop. But as with almost all of the developers connected with the PortableApps.com project, once I got a bit older I seldom or never needed it, having a computer of my own, and so drifted away at last.)
My first job circa 2004 was writing an NSIS installer for a long-gone startup in the East Midlands, UK. It was not my first language, but I very much enjoyed it.
"Portable" applications are, in my opinion, the absolute best way to distribute applications. They act like ye-olde desktop applications from the 80s and 90s where everything was a single self-contained object, meaning that application management was identical to regular file management. Copy them to new media to 'install', delete them to 'uninstall', run them from file shares, CDs, or USB sticks, keep them organized in folders however you want, and have multiple versions of the same application without any fancy management tools, gigantic dependency resolution databases, or third party middlemen painstakingly integrating everything.
Sadly, the world has moved away from this kind of simplicity.
This is why I love macOS so much. Every application is in /Applications. "Installation" isn't even something. 99% of the time, drag&dropping an app in this folder is all you need to do. If I want to delete an app, I go there, ⌘ + ⌫ it and it's done. Updaters just works and the new version just replaces the old one. Application data is almost always in ~/Library/Application Support/Application so I don't have anything else to do.
I was flabbergasted the last time I had to clean up a Windows computer to see how convoluted software update and removal is. You need to go to a specific windows preference pane to be able to uninstall an app, and even then most apps have a specific software to uninstall them, which sometimes needs to be downloaded separately. If you want to uninstall two apps at the same time, you can't. Upgrading an app generally involve manually navigating to the app's website, downloading the latest version, install it somewhere it doesn't interfere with the previous version, then deleting the previous app folder, then praying for windows to be able to link its search results to the correct ones after that process. It's baffling the very feature why operating systems exists in the first place (managing applications) still isn't solve more than 40 years after the first windows release.
You are cherry-picking the best experience one can have on macOS, and contrasting it with the worst experience on Windows. This way it just sounds like comparing in bad faith.
There is plenty of Mac software that requires an installer and Uninstaller, plenty of off-behaving applications that put stuff directly into ~ or ~/Documents, and even those that install some internal executables into /usr/local/bin.
You can have an equally pleasant experience on Windows (after all, this is about portable apps...). There is "mature" software whose installers will just override (update) the existing application (e.g. Anki, Affinity apps), %APPDATA% is your Application Support folder on Windows (if only more software would use it), and then there's also the slightly new .appx packaging with a clean way of uninstalling. No one hinders you to just download portable apps directly from the vendor and putting it into C:/Applications, if you want that.
If there is an odd one out, it would be Desktop Linux.
For one user yes, macOS is a lot better. For managing enterprise fleets of computers Windows is far far ahead. MSIs are very powerful and can be deployed well at scale.
Linux is really the problem here. Installing software newer that what your distro has packaged is often a total nightmare, with PPAs which can blow up your entire apt system. I think flatpak etc are on the right path.
Firefox and Jetbrains are probably among the most popular Linux software. Every language runtime from NodeJS, Go, Python and Perl. Sublime Text, Citrix, Teamviewer, every commerical CAD software, pretty much very game.
Generally with Windows if you need to update a program just running the new installer will update it IME. No reason to install it somewhere else.
Mac programs will often leave behind crap hidden in the library folder that I find frankly pretty annoying. Sometimes it's pretty sizeable and not entirely clear if it's safe to delete. Windows Uninstaller process is more annoying but it does a better job removing related components.
1) If a library is that widely used it should be part of the base OS. Widget toolkits, networking, cryptography, OS management/interface, etc. Anything else is used by such a vanishingly small number of programs it probably isn't worth considering anyway. See: https://drewdevault.com/dynlib.
2) We have sandboxing these days, and I contend that all applications should be sandboxed by default anyway. Mobile got this right (idea, not implementation per-se) and it is high time desktops caught up.
3) Nothing stops anyone from using a repo of portable applications and managing them with a tool, it just opens up the option to not have to do that.
Updating isn't that hard. Searching for applications and connecting to a URL specified in their manifest file to download an update diff (one of many ways to do it) is a trivial task for modern computers.
Yes, it's a tradeoff compared to repos and package management, but I personally think the upsides more than outweigh the relatively small downsides. Simplicity > complexity where complexity is unnecessary, and I contend that the complexity of package management schemes is unnecessary.
I still keep a collection of these on hand for locked down Windows machines where I am denied admin. Cannot install anything, but I retain the power to copy and run random binaries.
That's where they really shine. I did the same when I had to get stuff done on absolutely ancient bog-standard Dell Windows machines a while back. I think they had IE 10, no PDF reader, no office software, no media player. I was supposed to do regular office work with that setup (weird situation). One visit to Portable Apps and my hours spent in the office were so much better.
I still use the site for fun or for simple utility value even in Linux sometimes.
We tried this at work when the first big ransomware wave hit. Despite our best efforts it just didn't work out. A shocking number of utilities used by various departments did all sorts of strange things like dropping executables in %TEMP% when running some internal process. Not to mention all the different versions of things like GoToMeeting and its ilk. It was a management nightmare to try and keep up and we ultimately determined it wasn't worth the hassle.
Choosing the right software is critical though, just because something is popular doesn't make it the right one to use.
WannaCry showed the world how joined up these attacks are, considering it exploited a bug in that old networking protocol. I found it interesting how they hit the crownjewels of many countries, psychologically I think it was a big message sent, asserting their dominance over others.
Then the VM gets compromised instead of their workstation, no real difference. Even if you just mean sandboxing or using a VM for a single application, that interferes with all the integration of those applications. Again, more trouble than it is worth and too confusing for the users. They have a job to do, and it is our job to make sure they can do it with a minimum of fuss.
We have implemented a lot of other ransomware mitigations to protect data on servers, which is where the users should be keeping anything important anyway, but if a workstation gets hit we just burn it to the ground and start over with it from a standardized corporate image. We've also implemented mechanisms for early detection with automated triggers to cut any affected users and workstations off until an admin can look at it. And we've altered our backup strategy to make damaging one set of backups from anywhere but a locally connected console as impossible as we can.
The VM may get compromised, it depends on how you set it up, not all apps need to phone home for a start and dont need anything more than limited network access but thats firewall/IPS/IDS domain. You hint your may be corporate unlike a home user who has less tools and disposable income at their disposal and VMware unity is a quick cheap fix as its free for home use.
Your persistence is right there, doesnt matter how often you reinstall an OS then if you have a system running like a sim card working with a smartphone OS but also independently communicating with the hw like a bluetooth/wifi mesh network but you also have network printers/scanners and other HW that connects to a network to check out to check out the firmware for. I loved having to flash the old EEPROM's, physically taking the chip out, removing the sticker over the quartz window, exposing it to UV light, before sticking the label back over the window and then flashing it on a EEPROM flash machine, that physical process made it harder to hack unlike today.
So how quickly can you get your backup loaded on blank servers, workstations and switches? Exchange server can take its time if people have GB+ mailboxes.
I'm surprised you are allowed to use USB drives! When I put a USB drive into my employers laptop I have to let Windows erase and format it with bitlocker before I could even use it.
> but I retain the power to copy and run random binaries.
This is seen as bad practice and is on its way out. Many companies are implementing IT policies that prevent all binaries from running unless the source is a privileged location (e.g. program files) or it’s signed by Microsoft’s private key (and this is only because Teams for some idiotic reason is still installed in appdata against all best practices and MS own explicit guidance.)
Honestly, it's not bad practice to run a binary, that's literally how computing works. Binaries all the way down, why bless one over another, you heard the situation, the host OS was not functional.
Running random binaries in this case was likely more secure.
I advocate for the human over the company every time.
When only allowed signed binaries, reboot into owned OS.
When locked out of the boot loader, bring a computer the size of a standard power adaptor.
When locked out of WIFI Mac or ethernet ports, sling from a ephemeral hot spot tethered to cell access.
> (and this is only because Teams for some idiotic reason is still installed in appdata against all best practices and MS own explicit guidance.)
Maybe it's because the Teams Desktop client is a rebranding of Skype's[0]. I guess it's easier said than done in their case.
0: At least on Linux for whatever reason the temp folder of Teams is called Skype, when the system notifies you, it goes along the lines of "Skype is using your Microphone"
>Maybe it's because the Teams Desktop client is a rebranding of Skype's
I think it's just because that's the default behavior for Electron apps and they're too lazy to change it. IIRC, VSCode had the same problem, but they fixed it eventually.
Moreover, companies seem to be increasingly disabling access to USB storage, and/or running everything on remote servers so the laptops are little more than expensive video terminals.
AFAIK you can always bring your own "keyboard driver" on USB. And i haven't seen this "running everything on remote servers" from some times. It is more like run everything from remote locations in browser.
Sure but the assumption being made by this policy is that it’s difficult to break the browser sandbox. This isn’t being implemented bec IT doesn’t like ppl running random binaries. It’s to prevent malware from gaining access to the system.
There are still many common hacks that rely on executing binaries that have been downloaded, as long as the infiltration point doesn’t also have elevated access these types of hacks are prevented.
I have been using these on Windows along with Autohotkey for a long time.
Back then having a set of programs that are set up how I like them that are the same on whatever windows os I was using that were self updating was game changing, and still is really on Windows.
Now having a set of programs windows can't easily spy on, serve ads into, and take "diagnostics" from is the upside.
Like autohotkey this suite makes windows usable for me.
I mostly use Linux but if windows has anything on Linux is portable apps.
Great resource that I use off and on! However usually my first attempt on locked down machines will be trying to extract the MSI installer or installing exe with 7zip, to see if I can run the contents directly.
I use the Firefox portable app quite heavily. I like to separate my browsing into different buckets for different things. Yeah I know Firefox allows you to do this with containers, but having a dedicated profile is better and it's difficult to confuse what context you are in. Then there's Firefox profiles, which is another way to divide up your browsing (which I use) but not as much as having dedicated portable Firefoxes I can use for different things.
Over the years of using Firefox portable, I noticed that sometimes the update broke, since a whole new engine was created by Mozilla and the update wasn't graceful. But nevermind, I simply downloaded the latest version from Portableapps, and copied over the profile directory and I was good.
I even have copies of old portable versions of Firefox like v56 that I use to test sites in, just incase my users are using some legacy version / old versions of Palemoon (for whatever reason).
We also have the Second Profile utility so you can have as many easily launched profiles as you want portably since Firefox profile manager doesn't work portably.
I use Firefox for everyday generic browsing, and Chrome for specific buckets. Chrome profiles are soo good and easy to use compared to Firefox profiles or containers.
I’ll definitely look into portable Firefoxes for buckets.
Isn't Chrome a privacy issue though? I inspected the traffic with Wireshark and saw loads of requests to Google. Then lately there is news about their upcoming extension Manifest stopping the ability to use uBlock and other privacy extensions, so I want to avoid Chrome. Heard good things about 'Ungoogled Chromium' however (you should check it out!)
You can also have different profiles in Firefox, you can launch the Profile Manager with firefox -P. I do this setting different skins for my profiles.
Yeah I do this too. You can also navigate to `about:profiles` in the address bar and launch a profile of your choosing.
In the end there's many ways to slice and dice different profile buckets. I use a combination of containers, profiles, and portable browsers.
The beauty of portable browsers is you can 'clone' them so you don't have to configure new profiles. All your settings can be configured once, and copied to a clone portable browser which you use for a different context.
BTW: Love the idea of using different themes/skins for different contexts :)
I had a PortableApps setup on my USB hard drive when I was in college. With this setup, I didn't need a laptop. I can use any Windows desktop in computer labs or libraries. Super convenient. I always dislike the small screen and keyboard on laptops, so it was very helpful.
And I put the USB drive in my backpack, only took out the cable when using it. So I never lose it or damage it.
I ran Firefox, Notepad++, XAMPP, R and RStudio from the USB drive. At that time, Dropbox was new and there were hacks to run Dropbox on USB drives.
I played that game a ton, but was always bad. It, along with Halo, were two games I could put on a USB stick to play on school computers. Both were great for poor hardware.
That was one of the main reason I got into it. Our school blocked the main serverlist but one server still somehow got through, so we could have secret lan parties in computer labs
Massive, MASSIVE fan of John and his work. I use a set of apps at home and at work, not because I can't install stuff but for convenience. Things like the auto-prompt for updates are a blessing when installing stuff on non-technical family member's computers. That's reminded me, I've been meaning to go and donate, they deserve some of my money.
I mostly preferred to use portables even on my PC, not just on USB sticks. The idea of having the whole app including its settings and data contained in a single directory (on a dedicated partition, keeping the system registry clean and surviving full-format OS re-installations, also usable from multiple OSes) is very appealing. The selection of apps PortableApps.com offers also is amazing - I have found out many great apps and games just from there.
I remember using PortableApps mostly during high school and college, when I'd load them onto a flash drive and plug them into a random computer in the computer lab to be able to run, say, Firefox instead of the workstation's locked down browser.
With that use-case in mind, how many "Linux" workstations in a school/university/library am I likely to run into whereby I'll need to run portable software?
Well at university I primarily was using Linux. Since I wanted to use Emacs I ended up downloading the source code and compiling and installing it into my networked home folder. It would have been convenient if I could have just downloaded emacs.
I was also told later that doing that caused the networked file server to crash.
Portable apps often come in handy when you can't install software. You just want to sit down to a potentially new computer and run the software you want.
Lots of software does that these days because it’s the standard way to distribute stuff in Go and Rust. So much software is just dependent on kernel and architecture.
Terraform is a good example of a moderately complex piece of software distributed that way.
On windows you can rely on a very stable set of microsoft-provided dependencies. Across multiple linux distros, not so much. End up having to link the whole kitchen sink to work across repos (and there's a fair testing burden on the developer to make sure that actually works).
If that’s the case, then why do all installers install dependencies such as one of the many C++ or C# runtimes, current DirectX, etc? They also bring along all of their DLLs. So this doesn’t ring true.
Because those things have decided to use dependencies that are not provided by the base system, and because Microsoft has made some questionable decisions regarding C runtimes, DirectX, and the like.
The point is, I can always depend on user32.dll, kernel32.dll, and a bunch of other Windows API to be there and to still be compatible with how I'm calling it[0] 20 years from now. Linux is too fragmented and user space libraries break compatibility too often for that.
It isn't nearly as trivial as you imply. First you have to track down every shared lib and every shared lib that lib depends on, then you have to create a launcher script that specifies LD_LIBRARY_PATH and possibly also launches with a particular ld.so to ensure compatibility. If the application dynamically loads any libraries via API instead of the ELF you might need something like seccomp to intercept and rewrite paths in syscalls or screw around with user namepsacing. And that's just the tip of the iceberg when it comes to portablizing Linux applications.
You can link with the -rpath flag to hardcode an RPATH into the executable, which is essentially an LD_LIBRARY_PATH specified by the executable itself. It can be a relative path too, if you want to put the binary and its required .so’s in the same prefix.
But yeah, this isn’t common to do in the Linux world, unfortunately, because it’s expected that binaries and libraries live in distinct places on the filesystem, rather than bundling them together into an app bundle like on macOS.
Yeah, and thanks to Nix you can use PatchELF[0] to change the rpath on a binary too. Point being that for users it is not a straight-forward process to make a Linux application portable. Thanks to Linux Desktop's lackadaisical approach to userspace ABI compatibility it isn't necessarily that easy for developers either.
The last time I remember running any Java apps on Linux, they’d actually be launched by a launcher script that hardcodes a bunch of paths to look for a java installation and, a huge fraction of the time would get it wrong. Or they’d require a bunch of their own .jars and look for them in an installation path that isn’t easily relocatable. Or they’d bundle their own Java and turn into an even bigger nightmare. I definitely don’t remember it being just fine.
This was from the era when booting Windows from a USB key was impossible. Also, Linux never needed portable apps; security aside, one could just flash a live distro on a USB key and add games to it, then boot from it without leaving any traces on the host machine.
I used to enjoy just browsing the app list to find out about new software I'd never heard of.
Having not run Windows for most of my adult life, I haven't used it or even remembered it exists for a long time, I'm glad to see it's still doing well.