The reasons for this are not always malicious (see below), but a failed hash check should set alarm bells ringing. If it is not, then the program has been changed in some way. If it's the same, then you have a reasonable degree of confidence that the program you have downloaded is exactly the same as the one published by its developer. What is a hash check?Įnsuring that a program has not been tampered with, or just corrupted, is a fairly simple matter of calculating its hash value and then comparing it with the hash checksum provided by its developers. The hash value is, therefore, a unique fingerprint for any program or other digital files. What is a cryptographic hash?Ī cryptographic hash is a checksum or digital fingerprint derived by performing a one-way hash function (a mathematical operation) on the data comprising a computer program (or other digital files).Īny change in just one byte of the data comprising the computer program will change the hash value. Thankfully, a partial solution to this can be found by checking cryptographic hashes. This makes it difficult to tell whether the software you have just downloaded is what was intended by the developer(s) or something that has been modified somewhere along the way. It’s wonderful that open source software can be used by anyone as the building blocks to other programs, but this is, in fact, a double-edged sword. Here at ProPrivacy, we applaud the transparency of open source, as it is the only definitive way to know that a program is what it says it is on the tin with no funny business. There is some convenience to commercial software, but this often comes with the caveat of being closed source.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |