Automatic checking of downloaded file integrity

posted by Abishek Muthian Ideator , 248 days ago , show insights

We are at higher risk of supply-chain attacks than ever before, A seemingly innocuous file we download from a trusted website could have been maliciously altered to compromise our systems by an attacker but the file integrity checking mechanisms are beyond the reach for an average Internet user.

Websites which care about the security of their users provide hash(MD5/SHA) or GPG signature file which can be used to verify the integrity of the file with a couple of commands, Although its straightforward for the power users it's not ideal for those who have never executed commands in the terminal/command prompt.

If the file verification can be automated at browser through standardized specification of hash signatures then end users need not verify the integrity of the files manually.
Register Login to comment or vote on this problem
Need karma! Please check submission guidelines.
Why pay twice?