Skip to content

Roadmap: Make Spark the best USB flasher — better than Rufus + Etcher combined #1

Open
Open
Roadmap: Make Spark the best USB flasher — better than Rufus + Etcher combined#1
@lldlfasjkdas

Description

@lldlfasjkdas
lldlfasjkdas
opened on May 11, 2026

Repo

https://github.com/sparkflash-dev/spark

Context

Spark is a fork of balenaEtcher with all telemetry removed. Goal: the best OS image flasher for sysadmins who flash drives every day. Better than Rufus and Etcher combined.

Problems with Etcher (from 600+ open issues, forums, HN)

  • Spyware/telemetry — sends image filenames, hardware IDs to Google Analytics, Mixpanel, Sentry without consent (#2057, #2902). Tails project stopped recommending it.
  • Bloated — 450 MB install for a USB writer. USBImager is 300 KB.
  • Slow — 3 MB/s on macOS vs 20-30 MB/s with dd (#2740)
  • Broken on Apple Silicon — corrupts SD cards on M4 Macs (#4457)
  • macOS code signing issues — "will harm your computer" (#4361)
  • No advanced options — no MBR/GPT, no partition scheme, no persistence
  • No Windows ISO support — #210, 7+ years open
  • No backup/clone — #266
  • No CLI — GUI-only
  • Abandoned — slow response to critical bugs

Problems with Rufus

Roadmap

Phase 1: Core (v2.x) — DONE

  • Remove ALL telemetry (Sentry, Mixpanel, GA, auto-updater)
  • Remove marketing webviews (64% of window was ads)
  • Modern dark UI (Inter font, deep navy theme, glow effects)
  • Keyboard shortcuts (Ctrl+O, Ctrl+D, Ctrl+Enter, Esc, F5)
  • Drag & drop with visual feedback
  • Remove rendition dependency (lighter bundle)
  • zstd / .zst image support
  • Cancel confirmation dialog
  • Complete rebrand (logo, colors, bundle ID, app protocol)

Phase 2: Reliability (v3.0) — DONE

  • SHA256/MD5 checksum auto-verification from sidecar files
  • Human-readable error messages with troubleshooting suggestions
  • Fix Ubuntu 24.04 .deb install
  • Fix requestMetadata race condition (#4150)
  • WebSocket input validation & XSS fixes
  • Shell injection prevention in environment variable handling

Phase 3: Power Features (v3.1-3.2) — DONE

  • CLI modespark flash, spark list, spark verify for scripting/CI
  • 15 languages — EN, ZH-CN, ZH-TW, RU, JA, KO, DE, FR, ES, IT, PT, AR, TR, PL, HI, VI
  • Windows ISO detection — detect version/edition, recommend MBR/GPT and UEFI/Legacy
  • Persistent storage — casper-rw for Ubuntu, overlay for Fedora, persistence for Debian/Kali
  • Bad sector scan — optional pre-write surface scan with Quick/Standard/Thorough modes
  • Flash queue — sequential multi-image operations with auto-detect
  • Flash history — track past operations with stats
  • Drive health — fake capacity detection, bus type analysis, mountpoint warnings
  • Auto-eject — optionally eject drive after successful flash
  • Secure IPC — channel allowlist, sender validation, prototype pollution protection
  • Content Security Policy — strict CSP headers
  • Electron sandbox — context isolation, navigation locks
  • 140+ unit tests — comprehensive coverage

Phase 4: Pro Features (v3.3-3.4) — DONE

  • Multi-boot (Ventoy-style) — multiple ISOs on one USB with GRUB boot menu
  • Drive backup/clone — raw image backups with gzip/zstd compression
  • Queue mode — flash same image to multiple drives sequentially (insert next, auto-flash)
  • Image library — bookmark ISOs with tags, search, usage stats
  • Post-flash scripts — run custom scripts after flashing (SSH key injection, hostname, WiFi config)
  • Plugin system — community extension framework with manifest validation and permissions
  • Network flash — flash from HTTP/HTTPS URL with resume support
  • Portable mode — run from USB with config stored alongside executable
  • Accessibility — ARIA labels, screen reader, high contrast themes, reduced motion, focus trap
  • Theme manager — dark/light theme with CSS custom properties
  • Shortcut manager — 12 configurable keyboard shortcuts
  • Notification manager — native OS notifications with action buttons
  • Direct I/O — bypass OS buffer cache for faster writes
  • Parallel verification — concurrent segment verification
  • Write resume — checkpoint recovery for interrupted writes
  • Buffer pool — prevent memory leaks during writes
  • Lazy loading — faster startup via deferred module loading
  • GitHub Actions CI — lint, test, build + automated telemetry audit
  • CLI backup & queuespark backup and spark queue commands

Phase 5: Polish (v4.0) — NEXT

  • Bundle size reduction — tree-shake, lazy load, target < 100 MB
  • Native Windows ISO flashing — full MBR/GPT write with UEFI/Legacy boot config
  • File system formatting — FAT32, NTFS, ext4, exFAT options
  • Silent auto-updates — background update check from GitHub Releases
  • Drive-to-drive cloning UI — visual clone workflow
  • Image download integration — fetch popular ISOs directly in-app
  • Accessibility audit — WCAG 2.1 AA compliance verification
  • macOS notarization — proper code signing and notarization pipeline
  • Snap / Flatpak / AppImage — Linux packaging for all distros
  • Community plugin repository — discover and install plugins from within the app
  • Electron 38+ upgrade — latest Chromium and Node.js

Phase 6: Enterprise (v5.0) — Future

  • Headless server mode — REST API for remote flash management
  • Fleet provisioning — flash hundreds of drives with different configs
  • PXE boot integration — network boot alongside USB flash
  • LUKS encryption — create encrypted drives during flash
  • Secure Boot signing — sign bootloaders for Secure Boot compatibility

Priority matrix

Impact Effort Feature Status
Done Done Remove all telemetry v2.1.4
Done Done Modern dark UI v3.0.0
Done Done Checksum verification v3.0.0
Done Done CLI mode v3.1.0
Done Done 15 languages v3.4.0
Done Done Windows ISO support v3.4.0
Done Done Multi-boot v3.4.0
Done Done Drive backup/clone v3.4.0
Done Done Queue mode v3.4.0
Done Done Plugin system v3.4.0
Done Done Persistent storage v3.4.0
Done Done Post-flash scripts v3.4.0
Done Done zstd support v2.1.4
High Med Bundle size reduction v4.0
High Med Native Windows ISO write v4.0
High High macOS notarization v4.0
Med Low Auto-updates v4.0
Med Med Snap/Flatpak/AppImage v4.0
Med High Fleet provisioning v5.0

Why Spark wins

  1. Privacy-first — zero telemetry, zero tracking, period
  2. Cross-platform — Linux + Windows + macOS (Rufus is Windows-only)
  3. Modern UX — clean dark UI, 12 keyboard shortcuts, drag & drop
  4. Power features — CLI, Windows ISO, multi-boot, persistence, backup, queue, plugins, post-flash scripts
  5. Lightweight — removed rendition and marketing, targeting < 100 MB
  6. Open & honest — no fake password dialogs, no bundled ads, no upsells
  7. Accessible — ARIA labels, high contrast, screen reader, reduced motion
  8. Secure — CSP, sandbox, IPC validation, input sanitization, telemetry audit in CI

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions