A Crash Reading of Checksums
Have you heard about checksums, or seen one next to the downloads you make in a day, that little code that sits near a "Download" button or somewhere around it? That code is there for a reason: it is a formal way to verify the integrity of files, as simple as that.
The checksum is a numeric value computed for a block of data, and it's relatively unique. Comparing it is considered a good security practice for checking that the file you are using or manipulating is the legitimate one that came from the developers of the software.
If you download a file, perform a checksum comparison, and notice that the two codes are not equal, the downloaded file may be corrupted in some form. For hackers, a tampered file is a good way to get into your system without you suspecting it.
This checksum code is mostly present on ISO files or specific software.
It’s quite easy to generate one: run the sha1sum (or whatever hashing type was set) command, which runs the math algorithm against the file and returns the checksum value to compare.
In Unix-based systems, we have the sha1sum command:
sha1sum <yourfile>
Running this command produces a single value that represents all of the data in the file. If it matches the published value, you can virtually guarantee that the data is the same in the public version and your local version, where the public version is the copy at the download source (Internet) and the local version is the one you downloaded.
You can also play with other types of hashing, like sha256sum or sha512sum:
sha256sum <yourfile>
That’s it.
After this, check your downloads' checksums and compare them.
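The comparison described above can be scripted so that it is not done by eye. This is an added example, not part of the original post: the function name verify_checksum and the demo file are constructed for illustration, and the tool is picked from the length of the published checksum.

```shell
#!/bin/sh
# verify_checksum FILE EXPECTED_HEX  (hypothetical helper, added for illustration)
# Returns 0 on match, 1 on mismatch, 2 on a usage or input error.
verify_checksum() {
    file=$1
    expected=$2

    [ -n "$file" ] && [ -n "$expected" ] || { echo "usage: verify_checksum FILE HEX" >&2; return 2; }
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }

    # Download pages sometimes publish upper-case hex; normalise before comparing.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')

    # Reject anything that is not pure hex (for example a pasted "hash  filename" pair).
    case $expected in
        *[!0-9a-f]*) echo "not a hex checksum: $expected" >&2; return 2 ;;
    esac

    # Digest length identifies the algorithm: 40 hex chars = SHA-1, 64 = SHA-256, 128 = SHA-512.
    case ${#expected} in
        40)  tool=sha1sum ;;
        64)  tool=sha256sum ;;
        128) tool=sha512sum ;;
        *)   echo "unexpected checksum length: ${#expected}" >&2; return 2 ;;
    esac

    # The tools print "<hex>  <name>"; keep only the hex field.
    actual=$("$tool" < "$file" | cut -d ' ' -f 1)

    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches ($tool)"
        return 0
    fi
    echo "MISMATCH: $file ($tool)" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Constructed demo: a file containing "hello\n" and its SHA-256, upper-cased on purpose.
demo=$(mktemp)
printf 'hello\n' > "$demo"
verify_checksum "$demo" 5891B5B522D5DF086D0FF0B110FBD9D21BB4FC7163AF34D08286A2E846F6BE03
rm -f "$demo"
```

The expected value should be copied from the download source itself, so that the check compares the public version against your local one.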