Imagine that you are a software company and host an awesome free piece of software. One day your site is hacked and the download file for your software is replaced with a malicious version of the software. It might be days (or longer!) before you notice. Or what if someone is intercepting traffic and altering files as the end customer is downloading them. How would your customers know that the file they are downloading is malicious?
Step in file hashes. On creation the hash value of the file is worked out and if there are any changes to the file then the hash value changes. So if the hash value is different to the original this indicates a change in the file or that the file is not what it seems.
You may have already seen a hash value when downloading software. For example, if you head over to the Raspbian download page you may notice that the downloads have SHA256 values listed underneath them. Each one of these hash values is different.
The Raspbian Buster Lite download has a SHA-256 hash value of 9e5cf24ce483bb96e7736ea75ca422e3560e7b455eee63dd28f66fa1825db70e. Now that we know to look for a hash value we need to know how to check it.
Download the file, in this case 2019-07-10-raspbian-lite.zip but do not open it! Before opening the file we want to check its SHA-256 value to make sure it is safe to use.
Raspbian (Linux)
Use terminal and navigate to where the file is located. Type:
sha256sum 2019-07-10-raspbian-buster-lite.zip
After a few moments a value should return and this should match the value on the Raspbian download page.
Mac OS X
Use terminal and navigate to where the file is located. Type:
openssl sha256 2019-07-10-raspbian-buster-lite.zip
After a few moments a value should return and this should match the value on the Raspbian download page.
PowerShell (Windows)
Use PowerShell and navigate to where the file is located. Type:
Get-FileHash .\2019-07-10-raspbian-buster-lite.zip
This option also works in PowerShell Core for Mac OS X or Linux.
What If The Values Don’t Match?
If the values don’t match (i.e. if the Raspbian page displays a different value to the one your file has) then it is a different file. This could be due to the file being updated or changed on the server, being altered during transfer or being corrupted.
Changing The Value
The hash value changes any time the file is edited. So if a zip file was extracted, a new file added or a config file edited, and then it was all compressed (zipped) again it would have a different hash value.
Want to know more? Check out:
GeekTechStuff 
You must be logged in to post a comment.