So, after a semi-catastrophy on my laptop, which was caused by me just jumping the gun on getting rid of ads by Acronis (backup software), I’m writing a software to ease and automate the post-bare-metal state.
In English, that means installation of all those software that you had on your laptop, but never actually gave them two cents of thought.
Simple idea.. loop
Think about what installation is all about? Sure. Sounds easy:
- download the installer file
- hash-check file in order to know integrity (safety)
- run it
On surface level it’s really easy. But if you stop imagining the typical installation of software, you’ll quickly remember that there are a few caveats:
- accepting EULA or similar license dialog (keyboard/mouse)
- choosing configuration options during installation wizard
- confirming final options before installation starts
- knowing when the installation wizard has finished, since Windows can’t run many installation in parallel. The previous has to end before next install can begin
You just need a file; proper user that has privilege to install new software, and a way to authenticate the file is legit and doesn’t contain malware.
So we could write a software to just programmatically drive required tools to install all the needed software. Magic. Wish all programming was this easy. Getting back to this!
Some details of getting installs right on Windows 10
Windows software installers come in a few forms:
- .exe files
- MSI files
- newer MSIX – one thing I need to research a bit
- good old .zip files
For our purposes, we are only interested in a few specific aspects:
- is the installation file executable per se
- if not, what are the minimal prerequisites (dependencies) needed to run file?
Does zip file cause difficulties?
Many installers come as a zip. Zip is a lempel-ziev compressed file. The repetion of consecutive identical bytes has been omitted, and there’s a few extra tricks that make the file size even smaller. If you want to know more of the theory of zip, look at wikipedia: Lempel-Ziv compression.
The problem we might encounter with zip and authenticating has to do with whether the zip can ‘cloak’ content.
This turns out not to be a problem: a hash of zip file is as good as hash of any other content – despite there’s internal structure in the file; a good hash algorithm has a property (preimage resistance) that ensures only two identically same collections of ordered bytes give out the same hash value.
I’m putting my hands down on code, and come up with the results within a couple of weeks. Hopefully! 🙂