Good morning,
Over the years I’ve seen many users recommend “portable apps” for Windows PC’s as they’re more secure. “Portable apps” are often available alongside reguar “installer Apps.”
However, I’ve noticed that “portable Apps” will usually have the .ZIP extension at the end.
Here’s a clear as day example of what I mean:
Sumatra is an open source app and it has a “portable version” that comes in .ZIP format and a regular installer version with the .EXE extension. I’m nervous about downloading .ZIP files because they may contain malicious files in addition to the portable app.
https://www.sumatrapdfreader.org/download-free-pdf-viewer
Thank you for reading my question!
- Where did you hear that zip files are malicious? An exe could also be malicious and you wouldn’t even know if it’s precompiled
- Portable apps are just executables that you can run in-place and don’t need to spread their files across program files, appdata etc. There’s no inherent security benefit as they’re just as unsandboxed as any other excutable on windows*
*yes technically some store apps can be sandboxed and there’s the whole win32 sandboxing project MS is working on, and the hyper-v windows sandbox thing, but for all intents and purposes you should treat all executables on windows as unsandboxed
2 Likes
The advantage of portable .zip is that for machines that wont allow for installation (such as your work machines), you dont have to go through the Windowa Registry and ask for admin priviledges to add/remove entries.
I guess it is more secure for your local computer.
If a .zip file is dubious for you, just throw it to VirusTotal and it will scan for known malware.
2 Likes