Why do people write applets?

Since I spend so much time railing about applets, I also tend to look at applets to see what they do (after all, the first step in knowing how to defeat the enemy is to understand the enemy).

In general, applets seem to fall into several rough categories:

  • Updaters
  • Notification Area Handlers
  • Helper applications
  • Services (I did say that I lump services into the same category as applets).

Let me take them in turn…

Updaters:  I LIKE updaters.  Updaters are awesome.  IMHO, I trust applications that include updates more than those that don’t (because an updater implies a commitment to further development and bug fixes).  However way too many vendors build programs that run all the time and do absolutely nothing other than wait to check for updates every week (or every month).  One other problem with updaters is that sometimes the authors of the updater use the updater to push unrelated software (at the moment, I’m particularly annoyed at the iTunes updater – if you install just Quicktime, the updater tries to get you to install Quicktime+iTunes, and there seems to be no way of shutting it up).

Notification Area Handlers:  Every application seems to want to put its own icon in the notification area.  To me, the functionality that is offered by many of these is of limited value. For example, my display driver includes an applet that allows the user to quickly switch between screen resolutions, but I almost never change my screen resolution – so why provide a easy shortcut for that functionality?  I’m not sure why, but personally I believe it’s because of branding (since you get to put an icon with your notification area handler, it makes it obvious to the user that you’ve installed the software).  Some pieces of notification area functionality are quite useful (the “big 4” (Sound, Network, Battery, Clock) in Windows are good examples, as are things like RSSBandits’ status indicator), but many of them make me wonder (which is why I suspect that branding is the real reason behind many of the notification area icons).

Helper applications: These are things like “FlashUtil9d.exe” (running on my machine right now) and other support processes.  Users often don’t see these (since they don’t bring up UI), but they live there nonetheless.  I have an HP 7400 printer at home, and the printer driver for that runs 2 separate processes for each user (one of which hangs during shutdown every time a user logs off).

Services: A special class of helper application, services have some significant advantages over helper applications (and some drawbacks).  Services can be centrally managed, and expose a common startup/shutdown interface.  They also can be automatically started at system boot, have strict dependencies, and can run in arbitrary user contexts (including elevated contexts).  On the other hand, it’s difficult (and in many ways effectively impossible) to have services run in the context of the currently logged on user.  I’m a huge fan of services, but it’s possible to totally overdo it.  In Windows Vista, there were a slew of new services introduced, and more and more applications are creating services, since the currently logged in user is no longer an administrator.  An example of a helper service is the WHSConnector service that comes with Windows Home Server (another of my current favorite products), and there are a bazillion others.


I’m sure that there are other categories of applets, but these 4 appear to be the biggies.


Tomorrow: So why are applets bad?

Comments (39)

  1. Anonymous says:

    I like how Windows Vista moves the "big four" notification icons into a different area and treats them differently.

  2. Anonymous says:

    I don’t like update craplets. Even if I do install an app, I do it for a particular purpose, and I certainly don’t want to think about it beyond that purpose (unless the applet is a hobby).

    Example: Adobe Reader is something I install in order to view PDFs. That’s it. I don’t care about the bajillion new features they put in version 8.1, I certainly don’t want to be reminded in $(a random period of time), I want it to open PDFs and shut up otherwise.

    I’ve sometimes had to resort to violence on this. For example, some version of the DivX codec had a tray app that would pop up every time you played a DivX movie, and offer a menu for of options, none of which I was remotely interested in. I had to rename the app’s exe to stop that.

  3. Jonathan, do you care when your machine gets 0wned because of a security vulnerability in Adobe Reader?  There have been at least 3 critical security holes found in Reader over the past couple of years, the updater gives Adobe’s customers the ability to update those vulnerable customers.

    It’s hideously unfortunate that Adobe and others use their updaters to upsell unrelated products – it’s violates one of the tenets of trustworthy computing (you don’t treat security fixes as upsell opportunities).  Apple is notorious for this because of their patch policy (they only apply patches for the current revision of the OS, customers that have older OSs need to upgrade to get the security fix, even if the older OS is vulnerable).

  4. Anonymous says:

    That’s a risk I’m willing to take. As a mitigation, I always turn off Adobe Reader’s IE intergration. I also do it since it renders 3 times slower than the standlalone reader (one of my computers is kinda old).

  5. Anonymous says:

    Yeah, I’ve disabled PDF plugin support as well. Autoupdaters like Adobe’s are just too obnoxious with trying to sell me Photoshop and other crap. I’d rather just manually update when I see word of the vulnerability, since I don’t deal with random Internet PDFs.

    Besides, a little informational hygiene can go a long way on a firewalled desktop. (Laptops, of course, need to be running every defense known to man.) Whitelisting Flash and JavaScript reduces the attack surface significantly for these types of exploits.

  6. Anonymous says:

    I too hate updater applets, because they spend 99% of their time doing nothing useful and sucking up resources. Security remediation is important, but having each application install its own updater applet is not a scalable solution.

    Perhaps it’s time for a MS provided updater service than ISVs can plug into for scheduled updating. Why does each ISV need to write this functionality?

    Worst case, I’d rather see apps using a Windows Scheduler job to schedule periodic update checks. Or checking at run-time. Anything instead of a continuously running applet.  

  7. Anonymous says:

    I have to say I’m rather sympathetic to Jonathon’s point of view. There simply has to be a better way. In an age of ubiquitous internet access, you can justify installing a dedicated updater for pretty much any application beyond the simple Windows applets (e.g., Notepad).

    I think a better solution is for the application to check on startup–like Paint.NET does. Or maybe Microsoft could make it easier for third-parties to use their Update service. (I thought WER had a way of distributing fixing, but only in response to crashes and hangs.)

    Coincidently, the IE blog published a short article on good practices for updating ActiveX controls. In my experience, most ActiveX controls are the "craplets of the web", so there may be some parallels (particularly to the first point they discuss):


  8. Anonymous says:

    I also hate the Apple Updater’s tendency to inflict iTunes on me, but here’s what I really liked about it: it used Scheduled Tasks to perform its checks for updates. That’s massively superior to running a background process of its own at all times. It’s just a shame it updates the wrong product, really.

    What I’d really like though (and this is getting off-topic) is a website listing updates, with a nice ATOM feed to which I could subscribe. That’d help me for apps that don’t have updaters or which have updaters that I don’t trust. Some applications actually ship security fixes as unsigned blobs over http!

  9. Jim, you’re right, that’s one of the things I’m planning on pointing out in post #4 (mitigations).

  10. Anonymous says:

    I believe many of the "helper applications" exist merely to pre-load DLLs on log-in, in the hopes that the application which uses those DLLs will load faster when the user starts it.

    Aside from being pushy marketing tools, updaters give developers too much reassurance that they can ship now and patch it later.  I also don’t like the state of my machine to be in constant flux.  Security holes are important, but so is stability.   Nothing like a bug in a non-essential update to consumer your entire morning.

    Updaters are also beacons, telling vendors more about our systems and habits than they need to know.

    Sometimes our IT remote management tools badger me to install updates to applications I’ve uninstalled!

    BTW, Foxit Software makes a nice alternative to Adobe Reader.

  11. Anonymous says:

    As someone who has created a program that allows people to remove the unwanted startups I love your topic this week.

    I’m not a big fan of auto-updates although I like your thinking about the publishers commitment. I’ve had a number of apps and new machines come with a single updater from InstallShield. I don’t use InstallShield myself anymore but having a single program for multiple apps makes sense. Unfortunately, I keep seeing to many things break after an update is installed.

    The biggest complaint I hear is about applications like QuickTime that stick themselves back into the Startup list anytime they just run.  Apple also annoyed a number of people by installing their "Apple Mobile Device Service" with the last iTunes update. This was released the same week as the iPhone and unless you have an iPhone it’s useless.


  12. Adrian, I’m not so sure about that – for instance I believe that the flash plugin I mentioned runs to bypass some of the IE low rights restrictions (I’m not sure about that though).  

  13. Anonymous says:


    I recall some kind of feature during the longhorn alphas (sorry

    to bring it up…) of some kind of unified updating framework where apps would register with windows and windows would auto-magically sort it all out. Windows would run them in a sand box and spread their activity out during the startup process, rather having every app hammer your internet connection at logon. Installing updates at shutdown etc.

    I still think it’s a good idea, and if i did just invent it, i still think its a good idea!


  14. Anonymous says:

    I’m not aware of Adobe Acrobat reader trying to ‘sell’ me other products – certainly not photoshop! –  I’ve never had that happen to me.

    the only issue I’ve had with the product is that for many years when you viewed a PDF in the web browser, it would do a check for a newer update.  And often time-out.  The result being that this would be the #1 reason here why IE would seem to be frozen.  You could see in Task Manager that it was acroread.exe that was frozen.  I’ve debugged this problem for people at home and at work!  The work-around was to start acrobat reader on its own so that it did its update check — and present you with the user interface with potentially an error message box!

    That problem seems to have a vanished a couple of years ago, however.

  15. ulric, I don’t think that Acrobat Reader does that.  I know that QT does.

  16. Anonymous says:

    So, maybe this is a dumb question about these various updater applets.  Why do they have to install an always-running program?  They only check for updates once a week, or once a day, or whatever.

    Windows has Scheduled Tasks.  Why not just setup a scheduled task?  You updater applet could just check for the update, and then exit.  Schedule it in Windows to run once a week or whatever.

    So, why don’t developers do this?  I’m not a Win32 expert, but I would thinks that it is easier to create a Scheduled Task then it is to write your own scheduler in your application.

    It would also have the advantages of:

    1. Lower resource utilitzation.  The Windows Scheduler is already running.

    2. Centralized management.

    What am I missing?

    (Heh, as I started typing this, my JVM checked for an update, and is now nagging me.  Oh, and it triggered a UAC prompt.  Thanks Sun!)

  17. Myron, to be honest, I don’t know.  My guess is that they’re either (a) lazy, (b) unfamiliar with the features of the platform, (c) indifferent to the desires of customers or (d) need to support OS versions without the task scheduler service.

    In all honesty, it’s easier to write an app that runs all the time than it is to author a job – no matter how much more polite it is.

  18. Anonymous says:

    I’ve actually never understood why the volume control should be part of the notification area. I thought the notification area was supposed to be for notifications rather than used as a quick access toolbar. The only time I want to see a volume icon in the notification area is when I’ve done a "Mute all". Similarly with the network icon, I only want to see it when a network connection that I regularly use has become disconnected.

    Of course most people refer to that area as the system tray, in which case providing quick access to "system" functions like screen resolution, volume control, OneCare status blah blah blah becomes perfectly understandable. I’m so glad the "Always hide" function is available to me!

  19. Why is the date&time in the notification area?  By your logic it shouldn’t be there either.

    The volume control actually has visual indicators that reflect the actual hardware volume (at least as far as the sound card knows).  If your keyboard has volume HID controls, then the volume control will reflect the state of those HID controls.

  20. Anonymous says:

    I like the new startup class of services in Vista.  Being able to delay some of the startups is convenient and spreads out the process grinding.  

    Of course, getting people to use it is another thing.  PunkBuster’s services barely installed properly in the first place, and then after I fixed them, I set them to delay start.  I don’t need to make sure any video game cheats are running during Vista startup.

  21. SvenGroot says:

    I have never seen the use for update applets? What’s wrong with just checking for updates when your application actually runs?

    Another important thing for updaters is that they shouldwork for limited users. Even if it’s just letting you know the update is there and leaves the installing to you.

  22. Sven, I actually have no problems with them, IF they’re done right.

    For instance, modulo the upsell thingy, iTunes handles it correctly – the applet runs as a scheduled task, it only runs once every few days and should be silent (but of course it isn’t).

  23. Anonymous says:

    Larry, thanks for bringing this series up. I appreciate it.

    What bothers me most are some newer applications (PerfectDisk 8.x, StuffIt 11.x) which register with Windows Installer and as soon as you delete or rename any of their files, Windows Installer kindly pops up and repairs the installation.

    There is only one problem with that idea — if the original MSI setup cache is deleted or damaged then the repair doesn’t work and the machine almost hangs, not to mention that you MUST resolve this before trying to install any other application. Otherwise you will get the message "Setup for XYZ has been suspended, you cannot install ABC until you finish with XYZ".

    The reason why you would want to delete files by hand can be for example if uninstall information somehow got corrupted, Add/Remove doesn’t work, and you want to remove the application anyway.

    In my case I wanted to prevent StuffIt from starting ArcNameService.exe each time I right click in Explorer and select "Create StuffIt Archive" because that stupid service starts roaring through all my hard-drives in an attempt to index all archive files so I could search for them quickly(!) — I haven’t seen anything more stupid in my whole life. Not only it brings my Raptor and RAID0 made of other two drives to their knees, it completely ignores OS indexing capabilities and it doesn’t give me the option of not using that stupid search.

    So I renamed that file and of course it got restored immediately. Talk about being 0wned.

    Since I couldn’t figure out which mechanism it used to start the installer I finally resolved it by patching ArcNameService.exe entry point with XOR EAX, EAX / RET. Luckily Windows Installer still doesn’t compare checksum (shh, don’t tell anyone!).

    I got in dispute with PerfectDisk because it insists on running its own scheduler like Task Scheduler is not good enough.

    I recently got rid of Sun’s Java permanently when I realized what kind of bloat in the registry it created, plus it was annoying me with all those pesky updates — jre1.6.0 update 1, jre1.6.0 update 2, jre1.6.0 update 3, jre1.6.0 update 4, … , jre1.6.0 update 79, jre1.6.0.1, jre1.6.0.1 update 1, … and they never heard of differential updates but instead it downloaded whole package each time. Lamers. Did you know that each new version however minor has its own CLSID which points to the same DLL file?!?

    Oh and don’t forget to mention those app helpers which (like TV tuner remote controls for example) poll dozens of registry keys in 2 second intervals.

    And how could I leave out Acrobat Reader speed launch?!? Man, that thing is annoying. But Microsoft is guilty of that one too, they gave them the idea with Office startup. Oh and Acrobat Reader setup which defragments your drive without asking!!! Luckily I know how to use Orca tool to edit MSI databases.

    Can’t wait to read the rest of the series.

  24. Anonymous says:

    "One other problem with updaters is that sometimes the authors of the updater use the updater to push unrelated software (at the moment, I’m particularly annoyed at the iTunes updater – if you install just Quicktime, the updater tries to get you to install Quicktime+iTunes, and there seems to be no way of shutting it up)."

    Larry Osterman probably can’t do anything about this, but Microsoft itself is guilty of this. They use Windows Update to push WGA Notifications.

    But as I said, Larry Osterman probably can’t do anything about this. All Larry Osterman can to is to complain to the WGA team.

  25. Anonymous says:

    I think at least with the updaters it is as much MSs fault. Why, oh why is there no option to specifiy an update url in a MSI package and then have the Windows Update engine check for patches at the url and apply them when something is found? I think these days almost every software needs an auto update mechanism, and yet the lack of some platform service for that on Windows really forces ISVs to roll out their own. That is bad from so many perspectives: A lot will have bugs, it is just a huge waste of effort, all these updaters waste system resources and I could go on and on and on. I take it that you will write about each of these applets in turn, so I’ll wait for your post on those and what you think!

  26. Anonymous says:

    Hi Larry,

    What an interesting topic you have here. I used to work for an antivirus vendor and naturally we needed an updater. I wrote one that was just a windows application with no windows and wrote another simple GUI app front-end that allowed simple creating and editing of a Windows Scheduler task to run that updater. The actual updating functionality was a COM object that was used by the windowless app and another integrated updater.

    Using this approach took away the unnecessary burden of duplicating the Windows Scheduler functionality and let me spent more time on the actual updating and making it better.

  27. Anonymous says:

    Actually I didn’t mind that the sound, power, and network icons weren’t enabled by default in various versions of Windows, and I didn’t mind the fact that I had to set options to enable them, because each option only had to be done once per install.

    But I don’t expect everyone else to agree with me.  If someone doesn’t want the sound, power, and network icons, why can’t they disable them?  Why have those options disappeared?  (Or did Vista just move those options to a place where I haven’t found them yet?)

    I also wish the language bar weren’t treated differently.  In Windows 2000, NT4, ME, and 98, and even Windows 95 if IME 97 or IME 98 were installed, the language bar minimized to a single icon in the notification area.  A right-click on that icon brought up menus that could cascade to every necessary option.  Who had the idea that Windows XP and 2003 have to use at least 4 times as much valuable real estate in the task bar, and Vista has to use at least 5 times?  One icon was right.

    Meanwhile, the situation I’ve seen with Acrobat Reader is that it checks for updates when the application starts up.  I think I’ve seen it put other garbage in Windows start-up, but it did the right thing when checking for updates.  Also the other other garbage (upselling) comes when you visit their web site to get the updates, but still it did the right thing when simply doing its check when you start the application.

  28. Anonymous says:

    I love this column; i’ve ranted to my mate about this over beer. The lack of consideration by software vendors for their customers’ computers worries me.

    Also, a certain AT1 Catalyst Control whatever it is has to die! Not only do the craplets take up more than 20MB of my ram, the driver installation tops 100MB in the program files dir.

  29. Anonymous says:

    Norman: It’s just you. Look at the "properties" settings for the taskbar and disable whatever system icons [sic] you like–clock, volume, network, or power.

  30. orcmid says:

    I have managed to fix Quicktime so it doesn’t nag me about anything.   Now I need to remember how I did it.

    The biggest problem about updaters (don’t forget Logitech on its mice and keyboards too) is that you usually have to be running as admin for it to work.  This is bloody awful in the case of Second Life which updates incessantly.  Stilly, I only download updates while running as a limited user.  If I have to be admin, I do that part off-line.  (The obvious exception is Microsoft Update, and I still don’t have automatic updates turned off even though that keeps me in a permanent red condition with OneCare, which only goes to yellow for too-long-since-backup.  Phht.)

    There was a time when Acrobat Reader could only be obtained by on-line update, so I stopped updating.  Now you can dowload the full install again.

  31. Anonymous says:

    "I had to rename the app’s exe to stop that."

    "Since I couldn’t figure out which mechanism it used to start the installer I finally resolved it by patching…"

    My preference for stopping programs from running is to set NTFS permissions to deny execute.  That way the filename stays the same and won’t affect uninstalls, restores, etc.

  32. Anonymous says:

    It looks like several posters agree than a nice public API would be nice.

    But let’s take another mess that was not mentioned: why, oh why, does every piece of junk insists to add itself to HKCUSoftwareMicrosoftWindowsCurrentVersionRun or HKLMSoftwareMicrosoftWindowsCurrentVersionRun?

    Or in a hundred of other places?

    Why not Start -> Programs -> Startup, where you can see it and edit it without a PhD?

  33. Anonymous says:

    "Apple is notorious for this because of their patch policy (they only apply patches for the current revision of the OS, customers that have older OSs need to upgrade to get the security fix, even if the older OS is vulnerable)."

    Apple isn’t quite that bad — they supply security updates for at least current and current-1, sometimes more.  I know, since I’m current-1 now and was current-2 last year.

    Microsoft is basically the same way: there are no security updates for pre-SP2 XP, and the only other client OS out is Vista.

    It’s about age and support load, not upselling.

  34. Random Reader: Microsoft’s patching policy is far more liberal than any other commercial OS out there.  We provide patches for something like 7 years after the release of the OS, 5 years after the successor.  And if you’re willing to pay for a custom support agreement, you can get support beyond the product lifecycle.

    You’re right that only version of XP we provide patches for is XP SP2 and and not XP SP1, but honestly, that’s not surprising (IMHO, anyone running XP SP1 is a total fool).  We currently provide ongoing security patches for Win2K, XP SP2 and Vista.

    My issue with Apple is that they essentially say "no matter how heinous our security flaw is, if you’re not running a recent version of our OS, tough".  My mom was forced to buy a new Mac because of this (they stopped supporting her machine when it was only something like 4 years old (her machine didn’t come with a DVD drive and none of their current OS releases came on CDs)).

  35. Anonymous says:

    Tiger still ships on CDs as well as on DVDs, but however Leopead will probably not.

  36. Anonymous says:

    Wednesday, August 15, 2007 4:34 PM by James

    > Norman: It’s just you. Look at the "properties" settings for the

    > taskbar and disable whatever system icons [sic] you like

    > –clock, volume, network, or power.

    OK then, Vista moved those settings to a *better* place than they were before, and it’s just me who overlooked it while traversing the Control Panel settings for network, power, etc.  Thank you.

    Thursday, August 16, 2007 1:24 AM by LarryOsterman

    > IMHO, anyone running XP SP1 is a total fool

    Agreed.  SP2 was a bugfix release for both coding bugs and design bugs, and it was priced right for a bugfix release.

  37. Anonymous says:

    "My preference for stopping programs from running is to set NTFS permissions to deny execute.  That way the filename stays the same and won’t affect uninstalls, restores, etc."

    Yes but the downside is that it doesn’t work on FAT32 partitions and I like to keep my XP on FAT32 partition because I need to be able to boot DOS and see/edit/copy/delete files without having to boot from WinPE CD.

    Larry, I used XP SP1 until recently, it had all but SP2 patches installed and it worked fine. It had lower memory footprint and it was more responsive than SP2 version. Because of SP2, I can’t use Soft-Ice kernel debugger anymore and I would rather be a fool and use it then be smart and use that awkward Microsoft Windows Debugger.

  38. Anonymous says:

    Devils Advocate: Scheduled tasks may not run if the machine is off – a concern for laptops, at any rate.

    That having been said, don’t drop a craplet, check for updates at program run

  39. Anonymous says:

    In previous articles, I've pointed out: Programmer Hubris – He's just not that into you Programmer