How do you manage your hash in win 7?

Discussion in 'other software & services' started by Sully, Jun 29, 2010.

Thread Status:
Not open for further replies.
  1. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I was wondering what tools and techniques the Wilders community uses with checksums and hashes on files they download.

    There must be some favored methods that improve the time and ease of verifying what you are downloading, rather than simply looking at the checksums and saying "looks good".

    I have always used the hash tab in XP, but now am wondering on win7 what others are using.

    Sul.
     
    Last edited: Jun 29, 2010
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Re: How do you manage your hash?

    Using HashTab as well on Windows 7 64-bit.
     
  3. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Re: How do you manage your hash?

    Hi Sully,

    I'm wondering whether it would be a good idea to add in your thread title the words "on Win 7". So the title would be:
    "How do you manage your hash on Win 7 ?"

    ;)
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Re: How do you manage your hash?

    Good point. Unfortunately it did not seem to take.

    Thanks though.

    Sul.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,746
    Location:
    Texas
    Thread title changed.
     
    Last edited: Jun 29, 2010
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    I tend to use digital signatures as a trust source rather than hashes. I don't tend to install much non-signed software. In such a case it's usually alpha software from a trusted repository.
     
  7. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Thank you.

    Sul.
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    How much do you find is non-signed? What is your recourse if you find a non-signed software you wish to try? Do you even bother with md5 or other checksum, or do you just install it (vmware or whatever safe method you might use) ?

    Isn't there a way at all in any of the browsers or managers that will show you the hash after download so that you can compare right away instead of having to use other tools?

    Sul.
     
  9. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Thanks Sully and Ron for changing the thread title; I suggested it because I thought that was what Sully was asking for ;)
    I will follow this thread with interest in case I might migrate to Win 7.

    (On XP I have several tools (both free and not-free) to do this; but mostly I use my much beloved old CryptoSuite.)

    I am wondering whether DigestIt2004 works on Win 7.
    Anyone up for testing it on Win 7?
    http://www.colonywest.us/index.php?option=com_content&view=article&id=46&Itemid=56
     
  10. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,559
    I use hashtab and FileVerifier++.

    Panagiotis
     
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  12. wat0114

    wat0114 Guest

    None. Do I need to check the file hash on downloads I already trust?
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Unless your crypto embedded super computer brain can do a binary comparison by simply looking at the file once you download it, umm, maybe?

    I have always thought it as a bit of a hassle to view the checksum online and then open hashtab to compare. Sometimes I do, sometimes I don't, and as you elude to, it depends just how much I think I can trust the source.

    I am curious if there is a method available that makes it convenient so that I am encouraged to always check the sums.

    Sul.
     
  14. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    I'm also interested in finding a good MD5/SHA verifier for 7.
    My old XP solutions don't work on 7 yet, at least not the last time I checked.
     
  15. wat0114

    wat0114 Guest

    I guess I always thought of it as a waste of time checking it. After all, I've never been burned once obtaining a file from a source I trust. Have I just fluked out all these years?
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    It can be a pain, for sure. But look how many applications now come with one. It is the attempt by the makers to ensure what you get is what they made, not something slipped with trojans etc. Not using it, well, obviously we can all atest to usually nothing goes wrong. But if you could use it conveniently, how much more could it become, especially to help those who can't just download and install without issues.

    Sul.
     
  17. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Firefox extension DownThemAll has a field in which one can paste a hash as a download is started. DownThemAll checks the hash when the download has completed, and alerts the user to a mismatch.
     
  18. guest

    guest Guest

    Can the hosted download be compromised? Yes. Can the published hash be maliciously modified? Yes, so I would preferably check with trusted online databases as well.

    But I don't know what is the best tool to check hashes on Windows 7 - I don't waste my time with this boring practice. If I did, I would see myself as a paranoid, because I already maintain a very small set of selected software installed, to avoid vulnerabilities and other problems and, usually, I don't download alpha/beta software, neither new unknown software and I prefer to always download from the developer page when possible.
     
Loading...
Thread Status:
Not open for further replies.