How does verifying the checksum confirm the integrity of a downloaded file, when it’s posted on the same website the file came from?

20 Answers

Anonymous

The checksum is the result of a mathematical calculation performed on 1’s and 0’s of a file. Wherever that math is performed on that file, it should give you the same checksum value. Typically, this is used to make sure that the file you copied from Point A to Point B made it there intact.

If the question is about the integrity of the downloaded file: if they tell you that when you download it the checksum will be X, and you get X when it's downloaded, you got it without any corruption.

If the question is about whether the file has malicious content…that’s a different story. On a pirate site, you could find game.exe that contains a pirated version of the game you want. There can be hundreds of copies of it available for download. You see the 5 most downloaded all have different checksums. Two of them might be clean, but were “packaged” differently, and therefore with slightly different compression, they get a different checksum. One of them might be different because they only included the important stuff, and left out the nonsense to make the file smaller. The last two contain two different forms of malware.

They all can be verified using the checksums. When you download, you’ll get what you ordered if the checksums are correct…malware and all.

When I…considered pirating a long time ago with LimeWire but never would have actually done it…checksums were a way to determine the “most likely to be clean” version. The more seeds that contained the same .exe with the same checksum…the more people got the software, used it, and seeded it to others. If it contained malware, most folks would delete it before (or after) opening it.

TLDR: checksums are only to tell you exactly what a file will/should contain as a result of that math problem. Their value is less about verifying the download, and more about validating that you’re getting ONLY that file, and not some unwanted tagalong software in that same file. If the checksum for the software is the same in all locations, you can be certain that it hasn’t been tampered with. If the checksum doesn’t match what it is supposed to be, then you don’t want to download/open it.

TLDRTLDR: A checksum from website A should be the same checksum for software from website B. If they are different, then one of them has likely been naughty. The checksum that is the same from the most locations is likely to be the “clean” one.
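An added example (not from the post or its author) of what the answer describes: the same bytes give the same checksum wherever it is computed, a corrupted or altered download fails the check, a tampered file whose posted checksum was replaced on the same site still passes, and comparing checksums across independent sources is what catches that. The sample "downloads" and site names are constructed for the example.

```python
import hashlib
import hmac
from collections import Counter


def file_checksum(data: bytes, algorithm: str = "sha256") -> str:
    """Hex digest of the file's bytes; the same bytes give the same digest
    no matter where or by whom the calculation is performed."""
    h = hashlib.new(algorithm)
    h.update(data)
    return h.hexdigest()


def verify_download(data: bytes, published_hex: str, algorithm: str = "sha256") -> bool:
    """True when the downloaded bytes match the published checksum.
    This proves only that you received exactly the file whose checksum was
    posted, not that the file itself is safe."""
    return hmac.compare_digest(file_checksum(data, algorithm), published_hex.strip().lower())


def cross_site_consensus(checksums: dict) -> tuple:
    """Given {source: checksum} gathered from several independent sites,
    return the checksum most sites agree on and the sources that disagree."""
    agreed, _ = Counter(checksums.values()).most_common(1)[0]
    outliers = sorted(src for src, cs in checksums.items() if cs != agreed)
    return agreed, outliers


# Constructed sample "downloads" (not real files).
CLEAN = b"#!/bin/sh\necho 'installer v1.0'\n"
CORRUPTED = CLEAN[:-4]                            # transfer cut short
TAMPERED = CLEAN + b"echo 'unwanted tagalong'\n"  # extra content added to the file
PUBLISHED = file_checksum(CLEAN)                  # what the genuine site posts


def demo() -> dict:
    return {
        "clean": verify_download(CLEAN, PUBLISHED),
        "corrupted": verify_download(CORRUPTED, PUBLISHED),
        "tampered": verify_download(TAMPERED, PUBLISHED),
        # If whoever altered the file also replaced the posted checksum, the
        # check passes: a checksum from the same site cannot detect this.
        "tampered_with_replaced_checksum": verify_download(TAMPERED, file_checksum(TAMPERED)),
    }


if __name__ == "__main__":
    print(demo())
    print(cross_site_consensus({"site-a": PUBLISHED, "site-b": PUBLISHED,
                                "site-c": file_checksum(TAMPERED)}))
```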
