Downloading Updates

Help
userxyz
2012-07-25
2013-03-17
  • userxyz

    userxyz - 2012-07-25

    Given the security oriented nature of this program, it would seem to warrant having reassurance that my connections to the website for updates is also secure and authenticated. I think it would be swell if we had a certificate for the server connection in order to be sure that the update we get is validated thoroughly.

     
  • Paul

    Paul - 2012-07-25

    Sourceforge has a certificate, but you are better off checking the MD5 hashes.
    My favourite tool for this is Nero MD5 verifier.

    cheers, Paul

     
  • Julian Taylor

    Julian Taylor - 2012-07-26

    @pail459
    don't use the md5sums to verify anything untrusted anymore. its pretty easy to create collisions for it nowadays.
    use the sha1, sha256 or the pgp signatures.

     
  • Paul

    Paul - 2012-07-27

    I still haven't found an easy to use verifier that does anything but MD5. Being able to paste the hash, point to the file and press the go button is my idea of a utility people would use.

    cheers, Paul

     

Log in to post a comment.