AKA the "I just got hired and I start Monday go me!" edition.
Application: Google Chrome
Category: Internet
Description: "Google Chrome runs web pages and applications with lightning speed."
[Edit: NOTE: When upgrading from the previous release, if you used Portable Passwords, please see the note at the end of this post otherwise your saved passwords may be lost when upgrading.]
Download Google Chrome Portable Stable Branch 3.0.195.33 Revision 2 Development Test 2 [1.5MB download / 34MB installed]
(MD5: 9ac73657ad96e8125b3bcbb7468b8384)
Download Google Chrome Portable Beta Branch 4.0.249.30 Development Test 1 [1.5MB download / 34MB installed]
(MD5: 29bca5cb9e92988e7d4edd0e4fee2f45)
Download Google Chrome Portable Dev Branch 4.0.266.0 Development Test 1 [1.5MB download / 34MB installed]
(MD5: 35d52a68e4ef3e1ffa0ea406af1346b8)
[Edit: Bumping for new release instead of a new thread 'cause there are mostly minor changes. I improved the algorithm slightly (not as much as I wanted to, AES refused to work, if anyone has a good code sample for AES with the Crypto API let me know) and fixed all of the other problems I mention below.]
Biggest update is the Portable Passwords! It's opt-in since it needs to prompt you for a master password on startup, and the algorithm I used to encrypt the passwords is possibly weak, and it does not hide the length of the original password. I believe I know how to use a stronger cipher for next release.
This thing was hard and I had to code it in C++ as an NSIS plugin (no way around that as far as I could tell, I tried a bunch of things) so now that it is working I will push it out and take a small break. 
Known Bugs:
- When opting in to Portable Passwords (see GooglechromePortable.ini), it is possible to determine the lengths of your saved passwords without needing the master password. The master password itself uses a different encryption algorithm and does not have this problem. I will be looking at how to address this in a future release. [Edit: Haven't figured out how to use AES instead of RC4 yet, Crypto API is giving me an error the docs say it shouldn't, but I am using a stronger key length for RC4 now. If I can't figure it out or AES doesn't pad to the nearest block like I think it will, I should be able to pad the unencrypted passwords myself with nulls or something to mask the length.]
Release Notes:
2.1.1.0
- Updated Dev to 4.0.266.0 and Beta to 4.0.249.30. Google Chrome Extension gallery is live!
- Installer now shows the version of Chrome being downloaded.
- Updated the sample INI with some new notes.
- msvcr100.dll beta 2 is no longer required by the NSIS plugin. 200kb has been shaved off the launcher.
- Changes to Portable Passwords to improve security and prevent possible vulnerabilities. If you were previously using Portable Passwords you will need to import your passwords to Chrome before updating, see the note below on how to keep your saved passwords.
- Fixed bug in NSIS plugin where memory was freed twice (oops).
- Added EncryptPortablePasswords switch to INI, so you can choose to store saved passwords in plaintext. This may be useful if you already use an encryption solution such as TrueCrupt to protect your PortableApps and have no need for additional protection. This is also removes the need for a master password.
- Installer window no longer shows. DialogEx is used instead for the master password prompt.
- Tidied up some things in the launcher code (all language strings are in the appropriate NSH now).
- Updated to PA.c Installer 1.0.1.
2.1.0.0
- Updated Dev to 4.0.249.11
- Merged with John's recommended changes to the launcher/installer.
- Updated to PAF 1.0
- Fixed some details in the docs. 4.0 beta doesn't have extension support at all.
- Fixed network paths not working with the theme path fixer. Note that running from a network folder is not supported. If you encounter problems, try mapping a drive letter to the folder and running GCP from there.
- exclude.txt has been removed from Source since it is no longer needed.
- Local Chrome will no longer lose track of its profile if "User Data" was set up as an NTFS junction.
- Passwords can now be preserved accross user accounts and computers by setting PortablePasswords to true in GoogleChromePortable.ini. You will need to provide a master password as an alternative to Chrome's built-in encryption to keep your passwords safe. See GoogleChromePortable.ini for more details.
Importing Old Portable Passwords
I made some changes to Portable Passwords to remove or reduce vulnerabilities (I'm new at this "security" thing, sorry), which means old Portable Passwords will no longer be understood by the launcher. But, you can ensure they are imported into Google Chrome's local-user-account encrypted passwords database, and then upgrade Google Chrome Portable, which can then regenerate the Portable Passwords from your Google Chrome profile.
Note that if you toggle the new EncryptPortablePasswords flag in the INI (side note: I highly recommend it be kept on unless you know what you're doing) you should also follow this procedure to avoid losing saved passwords. Replace "upgrade" with "toggle the INI switch", or "change your master password"; the procedure is the same.
Start the old GCP up on your computer to ensure the Portable Passwords are correctly imported into your Google Chrome profile. Then close GCP and remove the Portable Password files to force their regeneration in the new format:
Data\settings\masterpassword.hash
Data\profile\\Portable Passwords
Next, perform your upgrade, and start GCP. Enter your master password (you can even pick a new one if you want, since we're rebuilding Portable Password files), and wait for GC to start and then close it. Your new Portable Password files should be regenerated from your profile's saved passwords.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
Nobody? This is the newest version people, I want feedback!
Signature automatically removed for being too awesome.
I think the announcement title with the oddball 2.1 version is throwing people. We don't advertise versions of launchers for any apps... pretty much ever... as that version means absolutely nothing to an end user.
Call it "Google Chrome Portable 3.0.193.33 Rv2 DT1 (Enhanced Launcher) + 4.0 Beta, Too".
Sometimes, the impossible can become possible, if you're awesome!
I just stuck the three GC versions up there and got rid of the Dev Test / Rv stuff cause it's pretty much implied anyway since it's in the Beta Testing forum, IMO.
BTW I've realized there are a couple pieces of my encryption that aren't very secure so this release shouldn't be used as a basis for any official release (I will fix it in my next dev test... which will be a breaking change for the current encryption scheme anyway).
Current flaws that I see:
All this stuff should be fixed by my next dev test.
Signature automatically removed for being too awesome.
The fact that it prompts for a master password on every startup puts me off. I'd rather do without saved passwords than have to deal with that--after all, the whole reason to use saved passwords at all is so you don't have to type them!
Perhaps we should have a method to disable them.
Too many lonely hearts in the real world
Too many bridges you can burn
Too many tables you can't turn
Don't wanna live my life in the real world
Like I said it's opt-in, and off by default.
I may also include an option for storing saved passwords plaintext if you want (or if you use an alternate encryption solution such as TrueCrypt for storing GCP) to skip the need for a master password. Though it will have a big warning.
Signature automatically removed for being too awesome.
Why can't you encrypt without a master? Firefox encrypts all of its stored passwords, even with the master password turned off, and in FF's case it's fully portable.
Without the master password, it's insecure. The discussion here is entirely about security.
I am a Christian and a developer and moderator here.
“A soft answer turns away wrath, but a harsh word stirs up anger.” – Proverbs 15:1
I was referring to MAZZTer's (hypothetical) option to store passwords in plaintext. If you're going to allow that, it'd be more secure to at least encrypt them using some pseudorandom key that to store them directly in plaintext...
You can store them in plaintext if you already use an encryption solution such as TrueCrypt to encrypt your portable drive (at least the portion that GCP is on). But you still need a password for TrueCrypt.
Google Chrome only seems to store its saved passwords without a password because it doesn't... it uses the local user account information (likely including the password or a hash of it) which is why it is not portable. Cryptography requires some sort of secret data to use as a key for encryption and decryption. There's no way around it, it has to come from somewhere.
Signature automatically removed for being too awesome.
So where does FF get its key from when you don't have a master password set? FF saved passwords are never stored in plaintext as far as I'm aware but yet it's still portable...
I think anyone can get at them unless you set your master password. There's just not cleartext in the passwords file.
Sometimes, the impossible can become possible, if you're awesome!
Since this is official, shouldn't it be automatically a pre-release?
Also, 3.0.193.33 should read 3.0.195.33
Thanks.
Ummm I dunno about pre-release, you can call it that if you want to. Tomaetos tomahtos and all that.
Signature automatically removed for being too awesome.
I'd say DT is correct for this one as you're definitely not wanting it to go official. It is quite literally a development test.
I am a Christian and a developer and moderator here.
“A soft answer turns away wrath, but a harsh word stirs up anger.” – Proverbs 15:1
InstallOptions::Show at line 836. Is there a opposite call, like InstallOptions::Hide?
I haven't played at all with GUI options yet (its on my list), but shouldn't there be a inverse option?
Too many lonely hearts in the real world
Too many bridges you can burn
Too many tables you can't turn
Don't wanna live my life in the real world
That shows the page, not the window. To hide the Window you need to call SetSilent in the .onInit function (after the page has shown it's already too late). I may be able to fake it using a nsis plugin or something to use Win API calls to hide the window though. But I think if you call Abort on a non-silent installer it won't quit the installer like it does when it's silent (non-silent you still have to click "Cancel")... so that may not work.
Signature automatically removed for being too awesome.
You can hide modern UI, ditch your custom page and just do it using Dialog Options. Check out the PA.c Installer's Wizard code for examples. It prompts for missing info outside of modern UI.
Sometimes, the impossible can become possible, if you're awesome!
I was gonna use nsDialog (since InstallOptions is deprecated) but I couldn't figure out how to make it use Modern UI, plus the only sample code I knew that did what I wanted to do was Firefox 2.0 Portable's "Enable Session Restore" prompt.
I'll look at the PA.c Installer's Wizard code, though I never got any such prompts from it myself since I did a good job on my appinfo.ini and installer.ini, I guess.
[Edit: You !include dialogs.nsh but you didn't include that file with PA.c Installer Wizard, nor is it a standard NSIS nsh. I am also unable to find any website or download for it... it's not possible to compile the Wizard without it!]
Signature automatically removed for being too awesome.
Explanation: http://nsis.sourceforge.net/DialogsEx_plug-in
Download: http://nsis.sourceforge.net/Joel_plugin_src
To get it using XP themes, you have to set XPStyle on.
Sometimes, the impossible can become possible, if you're awesome!
There we go, I was looking for "Dialog Options". Thanks.
XPStyle is always on here!
It should be working in the current launcher just fine...
Signature automatically removed for being too awesome.
My extensions aren't applying http://www.chromeextensions.org/
Are you using the Dev build? That's the only version that supports extensions so far.
Here's a little tip that I'd like to share. I like to download files to my X:\Documents\Downloads directory located on my PA drive, so I've modified the 'Preferences' file located in the Data\profile\default directory to automatically detect the current PA drive and download to my PA drive.
Preferences
"download": { "default_directory": "..\\..\\..\\..\\..\\Documents\\Downloads", "directory_upgrade": true, "extensions_to_open": "", "prompt_for_download": false },I was thinking maybe I could make a "Data\Downloads" for the next release and make the default profile stick downloads there... but it's probably best to just prompt. Good tip though, I may use it for my personal copy.
BTW Try just using a path of:
"\\Documents\\Downloads"
A starting \ means to start at the root of the current drive FYI. Much cleaner and easier to follow than a ton of ..s.
Signature automatically removed for being too awesome.
Saving a big file to USB as it is downloaded kills all running portable apps performance-wise. That's why Firefox is set to ask.
Sometimes, the impossible can become possible, if you're awesome!
Ha, totally forgot about that, and lots of times my USB seems the slowest on the planet. Yeah, sticking with prompt definitely.
Signature automatically removed for being too awesome.
I've always had Chrome and Firefox set to download to a specific directory on my drive (no prompt) and I've never had performance issues. Not even on the slow-as-molasses 32GB SanDisk Cruzer I had before my current drive.
Bump. New version.
Please note that any comments above this line are commenting on an obsolete version and I probably addressed them all already.
Signature automatically removed for being too awesome.
What happened to 3.0.195.38? It's been out for a while now...
My extensions won't apply either. They were at work on XP, but not at home on 7.
It's been a while since the last update for the portable app has been released.. I'd like to know if a new version is coming out anytime soon! Please replay ASAP.
(Especially for the dev/beta builds!)
Has there been any recent activity on this? Is the source code for the installer available anywhere?
The installer is just the PortableApps.com Installer. The launcher source code is in Other\Source. The installer configuration is done in App\AppInfo\appinfo.ini and App\AppInfo\installer.ini.
I am a Christian and a developer and moderator here.
“A soft answer turns away wrath, but a harsh word stirs up anger.” – Proverbs 15:1
EncryptPortablePasswords in what ini file?
There's a ini file in Other\Source. SHould be called ChromePortable.ini or somethign similiar.
Copy that to the ChromePortable directory, and then look for the right value to set to true
Too many lonely hearts in the real world
Too many bridges you can burn
Too many tables you can't turn
Don't wanna live my life in the real world