As part of the CompliaShield open source program, we have released our first desktop application. The application’s installer can be downloaded from our GitHub page.
The application is a simple, one-page graphical replacement to the Microsoft File Checksum Integrity Verifier command line tool.
Safeguarding against file tampering is a big part of security. Every file can be hashed to produce MD5 and SHA1 values that uniquely verify the file’s contents. If even one single byte of data is modified, then the checksum values will no longer match.
File authors can get the MD5 and SHA1 checksum values for any type of file or Zip archive using any number of tools, including online sites that let you upload the file.
The values can then be distributed with the file or published on a website so that anyone can validate that the file hasn’t been altered.
Though Microsoft offers a free command line utility that handles this, we frequently find ourselves in a hurry and don’t want the hassle. For system administrators, their users may not be technically competent to use a command line application.
For this reason, CompliaShield has decided to release a simple, single page Windows desktop application that will calculate any file’s checksum value and display them. These can then be compared to the published values on download sites or content deliver networks.
This added layer of safety helps ensure that users validate before there the incorrect version, or worse, malware ends up getting installed on their system.
CompliaShield has decided to release a number of projects based around security, encryption and data validation via GitHub.
The decision to open source parts of our code ensure transparent review by any third party, allows for collaboration, and gives our partners and clients direct access to our same common patterns for encryption and security.