[Report] Portable installation is NOT portable



  • 1. I had Vivaldi insalled as Portable on System1 (C:\Programs\Vivaldi) 2. I've installed new System2 (same OS) 3. Copied full Vivaldi folder from original C:\Programs\Vivaldi to new C:\Programs\Vivaldi (different hard disks) 4. Upon starting Vivaldi in new system I encountered following issues: [b]- all extensions removed (only user data saved)[/b] [b]- no login data saved (cookies sessions)[/b] + session tabs saved +most of the vivaldi internal settings saved Tested on 1.4.589.38



  • It is not advertised as a portable installation. It is just a standalone installation that keeps all of the profile information in the installation folder.

    See Release An Official Portable Version.



  • Vivaldi auto-encrypts certain user information (passwords, extension information, etc) using Windows' encryption services. Windows uses a hash of the user's system/user-account passwords to apply its encryption. That means any information thus encrypted in a Vivaldi installation within one user account cannot be decrypted by anything in a different user account or on a different system since the original system/account hash cannot be reconstructed outside of the original user-account/system. This is considered a security measure to prevent unauthorized access of user data.



  • I like how the people who can take care of their private data have no choice here.



  • @Kein:

    I like how the people who can take care of their private data have no choice here.

    The use of Windows' services for encryption is a design choice made by the chromium developers, and Vivaldi is built on the chromium engine foundation. The use of hashing of system and user account passwords for encrypting local data is wired into the Windows services employed. Creating a stand-alone encryption scheme for Vivaldi would require both significant design effort as well as probably requiring continual tweaking each time a chromium update occurred. That level of effort would divert major resources away from other important tasks that are important to Vivaldi at present.

    The day may yet come when Vivaldi elects to create an independent browser encryption scheme, once the demands of creating other features and solving the many other immediate problems are past - but that day is not likely to occur for quite some time. Meanwhile, the encryption technique that currently exists does function well for its purpose, regardless of the inconvenience it may cause for a handful of users.



  • Or they could just avoid using encryption for portable set up altogether?

    There is no reason to make complex original encryption method.



  • @Kein:

    Or they could just avoid using encryption for portable set up altogether? There is no reason to make complex original encryption method.

    But there are reasons for what designers do or don't do, one of which I've just noted above. Likewise, making a 'portable' version behave significantly differently from a 'normal' version runs against the logical goal of making a browser brand work as similarly as possible in all its manifestations and applications. Security consistency, especially because it's largely hidden but highly important, is a critical element of a browser's behavior. Creating a browser version that lacks encryption, whereas all of that browser's other versions possess it, is a dangerous-to-user departure from an in-common browser model - especially for a browser version that can be placed on a USB stick which could later be easily lost, stolen, or misplaced along with all its passwords and certain revealing extension data.

    Creating a portable version without encryption would also require altering the basic Vivaldi design specifically to remove encryption hooks and such. The extent of that and the involvement of which chromium engine internal interfaces, I don't know. But such things would likely have to be separately revisited for an encryption-less portable version each time a chromium update impacted those interfaces. Whenever a separate 'parallel' version/model of a browser is created, the cost impact increases with the degree of 'separateness' and the availability of designer resources to focus on other tasks is diminished.

    To be accurate, it all ends up being an effort vs. result-importance (aka 'priority') issue. But to say there are no reasons for what is done or not done is to be overly critical.



  • Avoid encryption, or give a checkbox-choice to encrypt or not to make a copied folder usable in other windows installations too.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.