In my last post I briefly mentioned MD5 hash checksums. If you don’t know what this is, the short version is that people who offer files for download also post the MD5 hash checksums of those files. This way, people who download the files can compute the checksums separately and see if they match. If so, the downloaders can be pretty positive the files weren’t tampered with (or that if they were tampered with, the person who did not only took the time to recalculate the checksums, but posted the tampered results).
It’s a great idea — and while it may not keep your files safe if you keep your checksums in the same place you keep your files (so the attacker can easily post both the bogus checksums and the bogus files), it at least lets your downloaders know they’ve correctly downloaded the entire file. This is really nice when you’re downloading large ISO images — you can verify the file, at least, is good before you start making coasters.
Unfortunately, Windows doesn’t offer built-in support for calculating or verifying checksums. However, there are a variety of little third-party apps that do. The one I’ve been using is Colony West Software’s DigestIT 2004. This little puppy is very useful, because it installs as a Windows Explorer shell extension. Simply right-click on a file and you get checkcum calculation and verification options at your fingertips. Best of all, it supports not only MD5 hashes but SHA-1, and it can work with multiple files at once. Very cool!