MD5 checksums are a great way of determine if a downloaded file is free of errors, and/or unwanted malware. I recently used the the MD5 checksum tool to diagnose a corrupt Ubuntu image after encountering installation problems.
Similar methods are employed in a variety of daily cryptography, iOS (and the mac AppStore), SSL validation certificates, and HTTPS to name a few.
While it is best practice to check all files, walled eco-systems like iOS do this automatically, in reality anytime you are receiving a file from a high-risk source, an obscure mirror, torrent, random thumb drive, this is even more important.
MD5
Regardless of the reason, the process is the following:
First locate the checksum from a reputable, trusted source. In this case I located the hash on Ubuntu’s Hashes Page.
1
| |
Next, the process of interrogating the file:
Open a terminal, navigate to the directory containing the file.
1 2 | |
1 2 | |
Alternatively, you can calculate an MD5 hash of any file. This can be a secure way of being certain that two files really are duplicates.
This is accomplished via the following process:
1
| |
SHA1
Less frequently you may encounter SHA1 checksums because it is a newer, stronger algorithm. While theoretically the MD5 checksum is a very stronghas a very low possibility of collisions. A collision is when two separate files yield the same checksum. In cases like this, it is statistically improbable for a user to experience this scenario, however it is possible to show up taking into account every file in the universe.
Next, the process of interrogating the file:
1 2 | |
1 2 | |