invisibill.net

I’ve always used bits of info from several different sources when explaining how to slipstream SPs into install shares. The whole process is pretty much trivialized by nLite now, which can slipstream the SP and create the bootable ISO with just a few clicks, without even needing to really understand the concepts.

But I went ahead and wrote up a guide on how to do it manually. http://pctech.invisibill.net/slipstream.html should explain the whole thing pretty well. Let me know if you find any errors or if anything is unclear, so I can improve it.

I added the W3C “Valid XHTML” logo to the site. I’m aware that this whole front page of invisibill.net doesn’t validate, but that’s due to the content of some of my old posts. If you view only the recent ones, like http://www.invisibill.net/2004_08_01_blogarchive.html, it does validate. Go there, click the image, and clap for me. Or something.

Windows XP Service Pack 2 is available now. You can download the full 266MB file here. FileMirrors and SP2torrent.com offer alternatives if you’re not happy with the download from MS.

If you download it from a third party, you should verify that it’s the true file. The MD5 for the file is 59a98f181fe383907e520a391d75b5a7 and the filesize is 278,927,592 bytes.

SP2 is making its way into Windows Update and the Automatic Updates feature. If you want them to ignore SP2 temporarily (to verify compatibility, etc.), there is more info here.

The executable creates the registry key and sets the associated value on the machine upon which it is run, to block or unblock (depending on the command-line option used) the delivery of Windows XP SP2 to that system, through Automatic Updates or Windows Update. The key used is HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate.
Whe n the /B command line option is used, the key value name ‘DoNotAllowXPSP2’ is created and its value sets to ‘1’. This value blocks delivery of Windows XP SP2 to the machine through AU or WU.

When the /U command line option is used, the previously created registry value that temporarily blocked the delivery Windows XP SP2 to the system via Automatic Updates (AU) or Windows Update (WU) is removed. If the value does not exist on the system from which it is run, no action is taken.

It’s just a registry key that causes WU and AU to temporarily ignore SP2. This is an easy way to put off installing SP2 without having to change a bunch of stuff on your system. However, if you have no major compatibility issues, you really should upgrade. There are many security enhancements that will help stop problems in the future.

I got an email from the SpywareNuker people regarding my comments. I expect you to view anything you read with a critical eye, including what I myself write. I posted a quote from the Spybot S&D page to give you some information, but I don’t expect you to take that as hard fact. If you hadn’t picked up on it from the rest of my site, I expect people to think for themselves.

The email claimed that they have never received a single complaint that the program downloaded an ad or third-party software. I find it hard to believe that Spybot, a rather respected anti-spyware program, and Symantec would both just create lies to discredit them. But we all know how rumors spread on the internet…

Anyway, I just downloaded their program to check it out myself. Here’s what their license agreement says.

4. ACKNOWLEDGEMENT OF UPDATES

SPYWARENUKER IS NOT ADWARE AND WILL NEVER DOWNLOAD ADWARE OR SPYWARE APPLICATIONS ONTO YOUR PC. However, you acknowledge that the “Trek Blue” Program(s) include technology which allows “Trek Blue” to provide updates to the software directly to your computer. By installing, downloading, copying, updating or otherwise using the “Trek Blue” Program(s), you specifically agree to include and/or accept the noted software and technology through which “Trek Blue” keeps “SpywareNuker” or other “Trek Blue” programs current as a condition to using the “Trek Blue” Program(s). Note that SpywareNuker allows the user to select from three (3) methods of updating the definition database:

1 download updates automatically and notify me when the update is available to install.

2 notify me when an update is available and only download and install when I click “Yes.”

3 disable auto-update. I’ll check for all update manually.

Upon installation, the second option ( 2 - notify me when an update is available and only download and install when I click “Yes.”) is the default and will be used unles the user specifies otherwise.

It basically just says that it does have “updater” mechanisms in it. It doesn’t say anything about third-party content, so I would expect that not to be relevant. Then again, it doesn’t specifically say anything against it, and we know how lawyers can be sometimes. As the license states, it tried to check for updates when I first started the program. However, after choosing option three, it did not make any connections. The web-installer and the update check both made connections only to crossroad.spywarenuker.net, which is a sign that it’s not just downloading random trojans and ads onto your system.

In short, you could consider this spyware if you really wanted to, based on the default setting to check in with its website. I didn’t analyze the traffic itself, so I honestly don’t know what data they do and don’t send. Note that Spybot, Ad-Aware, and just about every other modern program come with auto-update as an option, sometimes on by default. It doesn’t appear to do anything harmful right now, but there’s nothing in the license specifically preventing that from being added either. I’m not sure how other programs’ agreements are in regard to this. From what Spybot says, it’s not that great at removing spyware. I can only take their word on that, as I don’t have spyware problems, and don’t intend to install some just to test it out. It doesn’t seem to be the evil program some people would have you believe, but I can’t vouch for older versions, which could be where all these bad claims come from. And the multiple/changing names thing doesn’t exactly inspire confidence either.

http://www.mozilla.org/

Mozilla 1.7.2, Firefox 0.9.3, and Thunderbird 0.7.2 have all been released. They fix some recent security issues. Update your stuff if you need to.

http://techrepublic.com.com/5100-22_11-5294654.html?tag=e019

Symantec labelled Spyware Nuker as a potentially damaging pieces of adware, which TrekEight/Trek8/TrekData/TrekBlue claims isn’t true and has cost them distributors and advertising.

Here’s what Spybot S&D has to say:
http://www.safer-networking.org/en/threats/258.html

Heavily advertisement by spam (unsolisicited email advertisement); phoning home on program start; silently installing updates and content (meaning advertisement) into your system. Those applications may even come from third parties. No limitation is made about this ‘value-added’ content, meaning the license allows them to install any spyware into your system without your knowledge. In addition, using the program isn’t safe - LSP hijackers get removed, but the Winsock not fixed so you would loose your internet connections.

It looks like the program may not actually be spyware (depending on your exact definition), but it contains the mechanisms and licensing to do so. But regardless of that, it seems to do a poor job of being an anti-spyware program, so you shouldn’t be using it anyway. Stick with Spybot or Ad-Aware.