cancel
Showing results for 
Search instead for 
Did you mean: 

Download software/software updates

Scholar

Download software/software updates

A.  I am occasionally told there is an update to software I have installed, either purchased or freeware.

 

B.  Often the update is from a third party site, i.e., CNet.

 

C.  While these third party sites are often well known, and after download are scanned by security software before being installed, I am still somewhat skeptical since they did not come directly from the manufacturer.

 

D.  Is there any way to check that the software downloaded has not been detracted from/added to by the third party site?

 

E.  Concurrent with A.-D., what are the better/best software products for encryption of data both retained on the drive and sent over the internet?

 

F. Thank you for your kind consideration of these queries.

3 REPLIES 3
Senior Member

Re: Download software/software updates

Oh Get yourself a Nice VPN and make sure your VPN is the best connecttion you can get like 256bit Open VPN.

 

The best software for updates is Secunia PSI and it ACTUALLY tells you if a real update is available. You download it here:

http://secunia.com/vulnerability_scanning/personal/ It is free and from Denmark Yo :) How cool is that!

 

Best,

Rich

"All that is necessary for the triumph of evil is that good men do nothing." (Edmund Burke)
F-Secure Employee

Re: Download software/software updates

Hello Smith,

 

Your personal AV and Firewall suite, F-Secure Internet Security 2014 for example, should keep you safe from unwanted content.

 

However if you want to be absolutely certain that the installer is not tampered with, I suggest you download it from the manufacturers website, preferably over HTTPS.

 

There are ways to check if the installer is legitimate, but it requires that the manufacturer provides MD5 or SHA1 (or similar) checksums on their public website (or somewhere, where you can easily obtain it from) so that you can compare the checksum derived from the installer to that of reported by the original manufacturer.

Senior Member

Re: Download software/software updates

Thanks for the follow up. The only caveat though is that you can not trust digital signatures because just because something's signed does not it safe because it can be falsely authored just the way a signature can be faked. That is why a checksum is bit better. It is REALLY NICE to go back to the days of physical hard copy of software installers which are then designed to protect themselves from MSI code injection during update etc...
"All that is necessary for the triumph of evil is that good men do nothing." (Edmund Burke)