Download software/software updates

Smith
Smith Posts: 4 New Member

A.  I am occasionally told there is an update to software I have installed, either purchased or freeware.

 

B.  Often the update is from a third party site, i.e., CNet.

 

C.  While these third party sites are often well known, and after download are scanned by security software before being installed, I am still somewhat skeptical since they did not come directly from the manufacturer.

 

D.  Is there any way to check that the software downloaded has not been detracted from/added to by the third party site?

 

E.  Concurrent with A.-D., what are the better/best software products for encryption of data both retained on the drive and sent over the internet?

 

F. Thank you for your kind consideration of these queries.

Comments

  • Enfcmedic384
    Enfcmedic384 Posts: 181 Enthusiast

    Oh Get yourself a Nice VPN and make sure your VPN is the best connecttion you can get like 256bit Open VPN.

     

    The best software for updates is Secunia PSI and it ACTUALLY tells you if a real update is available. You download it here:

    http://secunia.com/vulnerability_scanning/personal/ It is free and from Denmark Yo :) How cool is that!

     

    Best,

    Rich

  • Siltanen
    Siltanen Posts: 61 F-Secure Employee

    Hello Smith,

     

    Your personal AV and Firewall suite, F-Secure Internet Security 2014 for example, should keep you safe from unwanted content.

     

    However if you want to be absolutely certain that the installer is not tampered with, I suggest you download it from the manufacturers website, preferably over HTTPS.

     

    There are ways to check if the installer is legitimate, but it requires that the manufacturer provides MD5 or SHA1 (or similar) checksums on their public website (or somewhere, where you can easily obtain it from) so that you can compare the checksum derived from the installer to that of reported by the original manufacturer.

  • Enfcmedic384
    Enfcmedic384 Posts: 181 Enthusiast
    Thanks for the follow up. The only caveat though is that you can not trust digital signatures because just because something's signed does not it safe because it can be falsely authored just the way a signature can be faked. That is why a checksum is bit better. It is REALLY NICE to go back to the days of physical hard copy of software installers which are then designed to protect themselves from MSI code injection during update etc...
This discussion has been closed.
Feedback on New Design