The easiest method to check if a file has been altered is to use a checksum, popular formats are MD5 and SHA1. The download files on HT-Lab all have an MD5 checksum.To check the file integrity simple run an MD5 utility on the file before installation and compare the calculated checksum with the one listed on the webpage.
File Integity using OpenPGP certificate
A more reliable (but more cumbersome) method to check if the file has been tempered with is by digitally signing the file with a Certificate (cryptographic signature). HT-Lab use the Open Source GnuPG package with a public available key. The method for checking the file integrity is straightforward:1.Install the GNU Privacy Guard for Windows package2.Download the HT-Lab public key from either here or from a key server (search for ht-lab). You can access a default key server from within Kleopatra (Lookup Certificates on server)3.Import the key into your key ring4.Navigate to the directory were you have downloaded the file and the signature5.Verify the *.asc signature file using the just imported HT-Lab public key
It is always advisable to check that the file you are downloading has not been tempered with. Unfortunately any website can be hacked, the files, checksums and signatures can all be changed without the owners or users knowledge. The only options users have nowadays is to make the hacking process more difficult but stopping it is not possible.We provide 2 methods to check file integrity, a traditional MD5 checksum is provided for each file and a more secure OpenPGP digital signature (Certificate).