Beng Hacks: May 2007

Wednesday, May 02, 2007

Only trust what you made urself

Recently I came across this app called nLite, which is a free app to help you customise and build custom slipstreamed unattended WinXP install discs. It's a pretty nifty tool, allowing you to select hotfixes and SP2 to integrate into your existing WinXP SP0 disc, remove built-in apps/services, auto-configure things like computer name, user accounts, even the CD key!

It can also go in and add new drivers for you to be included in setup, no more F6 for RAID!

I tried it, from a 550MB WinXP SP0, I slipstreamed SP2 and ran nLite. The resulting unattended WinXP SP2 install disc size? 300+MB. Impressive.

Only 1 problem. How can you trust that nLite didn't add something special into your WinXP install? Afterall u keyed in ur cdkey and it is obviously able to add new services, apps even drivers into your WinXP cab files. So, what is stopping it from installing a customised callback?

Answer: nothing. This comes back to the free app + embedded trojan trick I said b4.

In the end, only trust what you made yourself. Slipstream the SP2, slipstream the hotfix. But stop there and burn it. If it's too big, search the net to remove the extra stuff like SUPPORT and LANG and VALUEADD, etc. Or just burn into DVD since nowadays all DVD-ROM anyway.