Bloatware: Difference between revisions

Latest revision as of 03:43, 23 March 2026

❗Article Status Notice: This Article is a stub

This article is underdeveloped, and needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues. Learn more ▼

There are multiple definitions of bloatware within the context of software. They include:

Pre-installed software that is not required for a system functionality
Redundant or duplicate features included on a device (physical or digital)
Undesirable programs that were not requested by the user
Software that has become bloated over time

While the term "bloatware" is commonly ascribed to software, hardware bloat also exists.^[1] See IoT devices for examples.

Bloat can be a symptom of a decline in quality of devices and services, colloquially referred to as enshittification.

Why it is a problem

Bloatware often arises as pre-installed software and applications because the device manufacturer (OEM) has a contract or partnership with another corporation. The terms and processes leading to these partnerships, however, lack transparency. One study determined that personal data collection and user tracking was prevalent in pre-installed apps, with the data collection including personally identifying info (PII) and geo-location data, personal email and phone call metadata, contacts, behavioral and usage statistics as well as isolated malware samples.^[2]

Bloat, in any of its forms, raises privacy and security concerns^[3]. As a rule of thumb, every added branch of code can make a program exponentially harder to prove for correctness^[4], making it impractical or impossible to verify that a program is not malicious (such as spyware) or has an exploitable vulnerability. The problem is exacerbated if the source-code of the app is not available, since reverse engineering is difficult and (in some cases) illegal. This means that user is unable to control or ensure the safety of their devices.

Bloat is known for causing sub-par user experience (UX):

Increased latency, "slowness", when using programs and applications^[5]
High memory use prevents or impedes multitasking^[6]
High power usage increases energy bills and reduces battery lifespan
Over reliance on network connections (e.g., internet) preventing data from being cached locally^[7], which can both impede access as well as increase cellular-data billing
Instability issues due to difficulty in testing and verifying big code-bases^[8]

If non-sustainable energy sources are used to power these devices with bloatware, bloat can contribute to climate change. This is true for any excessive processing (CPU, GPU, etc.) and network abuse (such as AI training).

Tools to deal with bloat

This is a list of tools that can be used (or are primarily used) to reduce bloat. This is not a guide, just a list of suggestions.

uBlock Origin (uBO). A general-purpose content blocker for web-browsers. It's worth noting that its "Cosmetic Filtering" (element hiding) can, in rare cases (such as animated elements), improve performance.^[9]
NoScript. Much more specialized than uBO, as it only deals with JavaScript.
LibRedirect. On-browser (client-side) redirector of popular websites to privacy-respecting alternatives (alts). Most of those alts are lightweight, so it can be used to avoid bloat rather than remove bloat.
privacy.sexy. A tool for improving security and privacy on popular operating-systems, it also serves as a "debloater".
Android debloaters:
- Universal Android Debloater Next Generation (UAD-NG). A desktop app that uses ADB to disable (or "freeze") and pseudo-uninstall almost (OEMs block some) any app (including system packages) without root-access.
- Canta. An Android app that uses UAD-NG's bloat-lists as its knowledge-base (KB), and Shizuku as ADB replacement.
- AppManager. An "all-in-one"/general-purpose package manager that runs on Android. It uses a derivative of UAD's lists as its KB. It can show a lot of hidden info about apps, which can sometimes be used for reverse-engineering.
- Droidrunco, superseded by Zilch
NetGuard. An app that uses the local Android VPN API to filter internet traffic (like a firewall). It can be used as an on-device Pi-hole to block ads using hosts-files as rules.^[10]
Rethink, DNS + Firewall + VPN for Android. Can use local and remote DNS.
youtube-dl & YT-DLP. Audio/Video downloaders or "rippers". Similarly to LibRedirect, it can be used to avoid bloat, by simply downloading the main content of a page. There's also --get-url/--print urls options that can be used to open the URL of the media in a browser, effectively streaming it, without a customized player

External links

"The 49MB Web Page"; a study on popular news/journalism sites. They also talk about cognitive-load and silent automated bidding, criticizing the degraded UX and privacy violations.
"Web Obesity Crisis"
How web bloat impacts users with slow connections
HTTP Archive: Page Weight
The Growth of Web Page Size
Javascript bloat in 2024
"Software disenchantment"
uBlock-wiki counterpoint to "Who cares about efficiency, I have 8 GB RAM and|or a quad core CPU"
Why Modern Software is Slow–Windows Voice Recorder

References

↑ Ionescu, Bogdan (2025-09-13). "Hosting a WebSite on a Disposable Vape". BogdanTheGeek's Blog. Archived from the original on 9 Feb 2026. Retrieved 2026-01-15.
↑ J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013. https://ieeexplore.ieee.org/document/9152633 Accessed 26 Feb 2026. (Archived)
↑ Hubert, Bert (2024-02-08). "Why Bloat Is Still Software's Biggest Vulnerability". IEEE Spectrum. Archived from the original on 31 Jan 2026. Retrieved 2025-11-21.
↑ Howard, Gavin (2024-03-26). "What Computers Cannot Do: The Consequences of Turing-Completeness". Gavin D. Howard. Archived from the original on 2025-12-14. Retrieved 2026-01-06.
↑ https://developer.mozilla.org/en-US/docs/Web/Performance (Archived)
↑ https://en.wikipedia.org/wiki/Thrashing_(computer_science) (Archived)
↑ "Local-first software: You own your data, in spite of the cloud". Ink & Switch. 2019. Archived from the original on 30 Jan 2026.
↑ Muratori, Casey (2018-05-12). "The Thirty Million Line Problem". Molly Rocket. Retrieved 2026-03-15 – via YouTube.{{cite web}}: CS1 maint: url-status (link)
↑ "html - Does hiding an animated GIF with CSS conserve browser resources?". Stack Overflow. 2016-02-03. Archived from the original on 2025-12-15. Retrieved 2026-03-15.
↑ Bokhorst, Marcel (2016-03-20). "Ad Blocking with NetGuard". GitHub. Retrieved 2026-03-15.{{cite web}}: CS1 maint: url-status (link)

[1] Ionescu, Bogdan (2025-09-13). "Hosting a WebSite on a Disposable Vape". BogdanTheGeek's Blog. Archived from the original on 9 Feb 2026. Retrieved 2026-01-15.

[2] J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013. https://ieeexplore.ieee.org/document/9152633 Accessed 26 Feb 2026. (Archived)

[3] Hubert, Bert (2024-02-08). "Why Bloat Is Still Software's Biggest Vulnerability". IEEE Spectrum. Archived from the original on 31 Jan 2026. Retrieved 2025-11-21.

[4] Howard, Gavin (2024-03-26). "What Computers Cannot Do: The Consequences of Turing-Completeness". Gavin D. Howard. Archived from the original on 2025-12-14. Retrieved 2026-01-06.

[5] ttps://developer.mozilla.org/en-US/docs/Web/Performance (Archived)

[6] ttps://en.wikipedia.org/wiki/Thrashing_(computer_science) (Archived)

[7] "Local-first software: You own your data, in spite of the cloud". Ink & Switch. 2019. Archived from the original on 30 Jan 2026.

[8] Muratori, Casey (2018-05-12). "The Thirty Million Line Problem". Molly Rocket. Retrieved 2026-03-15 – via YouTube.{{cite web}}: CS1 maint: url-status (link)

[9] "html - Does hiding an animated GIF with CSS conserve browser resources?". Stack Overflow. 2016-02-03. Archived from the original on 2025-12-15. Retrieved 2026-03-15.

[10] Bokhorst, Marcel (2016-03-20). "Ad Blocking with NetGuard". GitHub. Retrieved 2026-03-15.{{cite web}}: CS1 maint: url-status (link)

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

@@ Line 15: / Line 15: @@
 Bloatware often arises as pre-installed software and applications because the device manufacturer (OEM) has a contract or partnership with another corporation. The terms and processes leading to these partnerships, however, lack transparency. One study determined that personal data collection and user tracking was prevalent in pre-installed apps, with the data collection including [[wikipedia:Personal_data|personally identifying info]] (PII) and geo-location data, personal email and phone call metadata, contacts, behavioral and usage statistics as well as isolated malware samples.<ref>''J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013.'' https://ieeexplore.ieee.org/document/9152633 Accessed 2''6 Feb 2026.'' ([http://web.archive.org/web/20251130162318/https://www.researchgate.net/publication/332932516_An_Analysis_of_Pre-installed_Android_Software Archived])</ref>
-Bloat, in any of its forms, raises privacy and security concerns<ref>{{Cite web |last=Hubert |first=Bert |date=2024-02-08 |title=Why Bloat Is Still Software’s Biggest Vulnerability |url=https://spectrum.ieee.org/lean-software-development |access-date=2025-11-21 |website=IEEE Spectrum |url-status=live |archive-url=http://web.archive.org/web/20260131190126/https://spectrum.ieee.org/lean-software-development |archive-date=31 Jan 2026}}</ref>.<!-- These privacy and security concerns should be detailed and explained. It would be the core point of this article. --> As a rule of thumb, every added branch of code can make a program exponentially harder to prove for correctness<ref>{{Cite web |last=Howard |first=Gavin |date=2024-03-26 |title=What Computers Cannot Do: The Consequences of Turing-Completeness |url=https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state |url-status=dead |archive-url=http://web.archive.org/web/20251214082939/https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state |archive-date=2025-12-14 |access-date=2026-01-06 |website=Gavin D. Howard}}</ref>, making it impractical or impossible to verify that a program is not malicious (such as [[spyware]]) or has an exploitable [[wikipedia:Software_vulnerabilities|vulnerability]]. The problem is exacerbated if the app is not [[wikipedia:Open-source_software|open-source]] or [[wikipedia:Source-available_software|source-available]], since [[wikipedia:Reverse_engineering|reverse engineering]] is difficult and (in some cases) illegal. This means that user is unable to control or ensure the safety of their devices.
+Bloat, in any of its forms, raises privacy and security concerns<ref>{{Cite web |last=Hubert |first=Bert |date=2024-02-08 |title=Why Bloat Is Still Software’s Biggest Vulnerability |url=https://spectrum.ieee.org/lean-software-development |access-date=2025-11-21 |website=IEEE Spectrum |url-status=live |archive-url=http://web.archive.org/web/20260131190126/https://spectrum.ieee.org/lean-software-development |archive-date=31 Jan 2026}}</ref>.<!-- These privacy and security concerns should be detailed and explained. It would be the core point of this article. --> As a rule of thumb, every added branch of code can make a program exponentially harder to prove for correctness<ref>{{Cite web |last=Howard |first=Gavin |date=2024-03-26 |title=What Computers Cannot Do: The Consequences of Turing-Completeness |url=https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state |url-status=dead |archive-url=http://web.archive.org/web/20251214082939/https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state |archive-date=2025-12-14 |access-date=2026-01-06 |website=Gavin D. Howard}}</ref>, making it impractical or impossible to verify that a program is not malicious (such as [[spyware]]) or has an exploitable [[wikipedia:Software_vulnerabilities|vulnerability]]. The problem is exacerbated if the [[wikipedia:Source-available_software|source-code of the app is not available]], since [[wikipedia:Reverse_engineering|reverse engineering]] is difficult and (in some cases) illegal. This means that user is unable to control or ensure the safety of their devices.
-Bloat is known for causing sub-par [[wikipedia:User_experience|user experience]]:
+Bloat is known for causing sub-par [[wikipedia:User_experience|user experience]] (UX):
 *Increased latency, "slowness", when using programs and applications<ref>https://developer.mozilla.org/en-US/docs/Web/Performance ([http://web.archive.org/web/20260211103730/https://developer.mozilla.org/en-US/docs/Web/Performance Archived])</ref>
@@ Line 23: / Line 23: @@
 *High power usage increases energy bills and reduces battery lifespan
 *Over reliance on network connections (e.g., internet) preventing data from being cached locally<ref>{{Cite web |year=2019 |title=Local-first software: You own your data, in spite of the cloud |url=https://www.inkandswitch.com/essay/local-first |url-status=live |website=Ink & Switch |archive-url=http://web.archive.org/web/20260130001648/https://www.inkandswitch.com/essay/local-first/ |archive-date=30 Jan 2026}}</ref>, which can both impede access as well as increase cellular-data billing
-*Instability issues due to difficulty in testing and verifying big codebases
+*Instability issues due to difficulty in testing and verifying big code-bases<ref>{{Cite web |last=Muratori |first=Casey |date=2018-05-12 |title=The Thirty Million Line Problem |url=https://youtu.be/kZRE7HIO3vk |url-status=live |access-date=2026-03-15 |website=Molly Rocket |via=YouTube}}</ref>
-If sustainable energy sources are not used to power these devices with bloatware, bloat can contribute to [[wikipedia:Climate_change|climate change]]. This is true for any excessive processing (CPU, GPU, etc.) and network abuse (such as [[Artificial_intelligence/training|AI training]]).
+If non-sustainable energy sources are used to power these devices with bloatware, bloat can contribute to [[wikipedia:Climate_change|climate change]]. This is true for any excessive processing (CPU, GPU, etc.) and network abuse (such as [[Artificial_intelligence/training|AI training]]).
+==Tools to deal with bloat==
+This is a list of tools that can be used (or are primarily used) to reduce bloat. This is not a guide, just a list of suggestions.
+*[[wikipedia:UBlock_Origin|uBlock Origin]] (uBO). A general-purpose content blocker for web-browsers. It's worth noting that its "Cosmetic Filtering" (element hiding) can, in rare cases (such as animated elements), improve performance.<ref>{{Cite web |date=2016-02-03 |title=html - Does hiding an animated GIF with CSS conserve browser resources? |url=https://stackoverflow.com/questions/33762652/does-hiding-an-animated-gif-with-css-conserve-browser-resources/35169688#35169688 |url-status=live |archive-url=https://web.archive.org/web/20251215062718/https://stackoverflow.com/questions/33762652/does-hiding-an-animated-gif-with-css-conserve-browser-resources/35169688#35169688 |archive-date=2025-12-15 |access-date=2026-03-15 |website=Stack Overflow}}</ref>
+*[[wikipedia:Noscript|NoScript]]. Much more specialized than uBO, as it only deals with [[JavaScript]].
+*[https://libredirect.github.io/ LibRedirect]. On-browser (client-side) redirector of popular websites to privacy-respecting alternatives (alts). Most of those alts are lightweight, so it can be used to ''avoid'' bloat rather than ''remove'' bloat.
+*<code>[https://privacy.sexy/ privacy.sexy]</code>. A tool for improving security and privacy on popular operating-systems, it also serves as a "debloater".
+*[[Android]] debloaters:
+**[https://github.com/Universal-Debloater-Alliance/universal-android-debloater-next-generation Universal Android Debloater Next Generation] (UAD-NG). A [[wikipedia:Desktop_computer|desktop]] app that uses [[wikipedia:Android_Debug_Bridge|ADB]] to disable (or "freeze") and pseudo-uninstall almost (OEMs block some) any app (including system packages) without [[Jailbreak|root]]-access.
+**[https://github.com/samolego/Canta Canta]. An Android app that uses UAD-NG's bloat-lists as its knowledge-base (KB), and [https://shizuku.rikka.app/ Shizuku] as ADB replacement.
+**[https://github.com/MuntashirAkon/AppManager AppManager]. An "all-in-one"/general-purpose package manager that runs on Android. It uses a derivative of UAD's lists as its KB. It can show '''a lot''' of hidden info about apps, which can sometimes be used for reverse-engineering.
+**[https://github.com/lavafroth/droidrunco Droidrunco], superseded by [https://github.com/lavafroth/zilch Zilch]
+*[https://github.com/M66B/NetGuard NetGuard]. An app that uses [https://developer.android.com/develop/connectivity/vpn the local Android VPN API] to filter internet traffic (like a [[wikipedia:Firewall_(computing)|firewall]]). It can be used as an on-device [[Pi-hole]] to [[Ad block|block ads]] using [[wikipedia:Hosts_(file)|<code>hosts</code>-files]] as rules.<ref>{{Cite web |last=Bokhorst |first=Marcel |date=2016-03-20 |title=Ad Blocking with NetGuard |url=https://github.com/M66B/NetGuard/blob/7308869411ff87649bf3a46a9c7c08f1e5353801/ADBLOCKING.md |url-status=live |access-date=2026-03-15 |website=GitHub}}</ref>
+*[https://github.com/celzero/rethink-app Rethink], [[wikipedia:Domain_Name_System|DNS]] + Firewall + [[wikipedia:Virtual_private_network|VPN]] for Android. Can use local and remote DNS.
+*[[wikipedia:Youtube-dl|youtube-dl]] & [https://github.com/yt-dlp/yt-dlp YT-DLP]. Audio/Video downloaders or "[[wikipedia:Ripping|rippers]]". Similarly to LibRedirect, it can be used to avoid bloat, by simply downloading the main content of a page. There's also <code>--get-url</code>/<code>--print urls</code> options that can be used to open the URL of the media in a browser, effectively streaming it, without a customized player
 ==See also==
-*[[JavaScript]]
 *[[Electron]]
 ==External links==
-*[https://youtu.be/kZRE7HIO3vk "The Thirty Million Line Problem"] by [[wikipedia:Casey_Muratori|Casey Muratori]] on "[https://www.youtube.com/@MollyRocket Molly Rocket]" channel
+*[https://thatshubham.com/blog/news-audit "The 49MB Web Page"]; a study on popular news/journalism sites. They also talk about cognitive-load and silent automated bidding, criticizing the degraded UX and privacy violations.
 *[https://idlewords.com/talks/website_obesity.htm "Web Obesity Crisis"]
 *[https://danluu.com/web-bloat/ How web bloat impacts users with slow connections]
+*[https://httparchive.org/reports/page-weight HTTP Archive: Page Weight]
 *[https://www.keycdn.com/support/the-growth-of-web-page-size The Growth of Web Page Size]
 *[https://tonsky.me/blog/js-bloat Javascript bloat in 2024]