These hash, they give the same to the site?

[Mindovermaster Moderator]

22 minutes ago, TAZMINATOR said:

Some people are finding a way to get in your PC without your knowledge.

That been happening for years, Taz....

[adrynalyne]

30 minutes ago, TAZMINATOR said:

What do you think?   What would he want to hash those files that aren't belong to him for?   If he hash them, most likely he would host them or upload to file sharing website such as softpedia  something like that so the visitors download the infected files... you NEVER know what he would be doing with those. Malware, virus, ad wrap, etc.

 

Some people are finding a way to get in your PC without your knowledge.

 

 

The paranoia is strong with this one. The OP has shown in past posts that he just doesn't understand computers and software. 

[Mindovermaster Moderator]

8 minutes ago, adrynalyne said:

The paranoia is strong with this one. The OP has shown in past posts that he just doesn't understand computers and software. 

in ALL his posts, it seems... I can not teach him...

[+Warwagon MVC]

6 hours ago, kifirefox said:

I'm trying to test the hash, but nobody here does not understand, is there anyone to help do the test?

Post the program, the hash and the link and I'll check it out here too.

Get a program known as firefox, sumatra pdf, utorrent, cdburnerxp, recorders, pdf readers, codecs, etc.

 

And by the link to test in the same place, because in different sites it seems that the hash are different. Has to be the same link, same version, even everything.

 

 

 

Budman did exactly that on page one in his 2nd post, using Firefox from the Legit sight.

[TAZMINATOR]

1 hour ago, Mindovermaster said:

That been happening for years, Taz....

You are telling me like i didn't know that....

 

I know that.   I fix the computers from home for years.   People come to me and saying that they get virus, malware, etc.   I cleaned them off for them.

[DevTech]

If Neowin Forums are searchable by Google and if there is a community of "Neowinians" and a community of the Internet  and if members feel they are helping a community by posting here, then it would always make sense to treat all OP as "Abstract Generic Entities" who submit questions as "FAQ Canditates" and see what sort of interesting ideas we could present by using the original question as a brainstorming starter.

 

Because bashing on the OP is really boring...

 

I see 3 possible interesting issues that the OP raises:

 

1. File repository sites of commonly useful software are popular because they do in fact present a theoretical convenience that is obviously overridden if the site feels they need to package adware to cover the costs. Maybe there is a way to reverse that trend? 

 

2. If you download a file and the hash matches some hash where you downloaded the file from you have achieved logically nothing from a security perspective. You would need something more like a Blockchain that can follow a provenance trail perhaps? And some standard W3C/Browser support to automatically check hash/blockchain becuase very few individuals will even check a hash.

 

3. Also, the common hash algorithms are no longer as secure and there needs to be an agreed upon new standard with enough bit depth to last for maybe the next decade in the face of Quantum Computing?

 

 

[T3X4S]

23 minutes ago, DevTech said:

...

 

3. Also, the common hash algorithms are no longer as secure and there needs to be an agreed upon new standard with enough bit depth to last for maybe the next decade in the face of Quantum Computing?

 

 

Hashes, in the current form(s), are completely useless in the face of Q computing.  The very nature of Q encryption means simply "looking" at an item changes the item.  It is this fundamental aspect of quantum physics (Heisenberg's Uncertainty Principle) that is @ the very heart of Q computing/encryption.

1 hour ago, adrynalyne said:

The paranoia is strong with this one. The OP has shown in past posts that he just doesn't understand computers and software. 

This makes me want to read his past posts

Edited March 26, 2017 by T3X4S

[adrynalyne]

6 minutes ago, T3X4S said:

Hashes, in the current form(s), are completely useless in the face of Q computing.  The very nature of Q encryption means simply "looking" at an item changes the item.  It is this fundamental aspect of quantum physics (Heisenberg's Uncertainty Principle) that is @ the very heart of Q computing.

This makes me want to read his past posts

Trust me, you don't. 

[T3X4S]

10 minutes ago, adrynalyne said:

Trust me, you don't. 

I did !  I had too !

And let me just say, 

[DevTech]

27 minutes ago, T3X4S said:

Hashes, in the current form(s), are completely useless in the face of Q computing.  The very nature of Q encryption means simply "looking" at an item changes the item.  It is this fundamental aspect of quantum physics (Heisenberg's Uncertainty Principle) that is @ the very heart of Q computing/encryption.

 

I think maybe that you are confusing two different things.

 

1. The use of Quantum Entanglement means that you could have a communication via fibre optics that collapses if it is as you put it "looked at"

 

2. Long before that sort of communications is worked out and then somehow gets enough bandwidth and cost reduction decades later to be a download channel for the average consumer, there will be insanely powerful and expensive Quantum Computers that can calculate stuff like hashes. They are already being delivered to customers (in prototype form and not yet good for much) and will certainly be affordable by the same commercial (criminal) organizations that brought us botnets.

 

Side note: IPV6 already gives me severe privacy violation "Big Brother" "Heebie Jeebies" with potential 100% loss of anonymity so the secure Quantum Communications of point #1 would appear to put the last nail in the coffin of freedom if it ever came into being without strict oversight by an international organization but I guess in that time frame we have the "grey goo" problem and well whatever Google is planning with its purchase of that Killer Robot company...

[Mindovermaster Moderator]

1 hour ago, TAZMINATOR said:

You are telling me like i didn't know that....

 

I know that.   I fix the computers from home for years.   People come to me and saying that they get virus, malware, etc.   I cleaned them off for them.

Guess you didn't catch it as a joke. My bad... I'm sure you did this stuff, too.

[T3X4S]

37 minutes ago, DevTech said:

I think maybe that you are confusing two different things.

 

1. The use of Quantum Entanglement means that you could have a communication via fibre optics that collapses if it is as you put it "looked at"

 

2. Long before that sort of communications is worked out and then somehow gets enough bandwidth and cost reduction decades later to be a download channel for the average consumer, there will be insanely powerful and expensive Quantum Computers that can calculate stuff like hashes. They are already being delivered to customers (in prototype form and not yet good for much) and will certainly be affordable by the same commercial (criminal) organizations that brought us botnets.

 

Side note: IPV6 already gives me severe privacy violation "Big Brother" "Heebie Jeebies" with potential 100% loss of anonymity so the secure Quantum Communications of point #1 would appear to put the last nail in the coffin of freedom if it ever came into being without strict oversight by an international organization but I guess in that time frame we have the "grey goo" problem and well whatever Google is planning with its purchase of that Killer Robot company...

I cant comment on all the conspiracy stuff - I dont want to get into that.  
But my comments had nothing to do with fiber connections, nothing to do with bandwidth.  My comment was simply about quantum encryption, and HUP making eavesdropping (man in the middle)  pointless.
Hashes, would change the second any observation was done due to HUP.

As far as everything else you were talking about - the only thing that made sense was the stuff about Q:wave being a worthless refrigerator, and nothing close to a Q computer.

If you think I had something confused, it is only because you mistook what I was saying - because I happen to know a little bit about this stuff.  So I apologize if I wasnt clear in what I was saying, but I am not mistaken.

BTW - your 1st bullet point made no sense.
quantum entanglement does appear to pass any data - therefore any mention of bandwidth, or data transfer is fundamentally incorrect.

All tests have shown that if data is passed in QE - its done faster than the speed of light - therefore - modern thought is data is not being transferred - it is the same electron in 2 places - not 1 sending data to another.
 

[DevTech]

8 minutes ago, T3X4S said:

I cant comment on all the conspiracy stuff - I dont want to get into that.  
But my comments had nothing to do with fiber connections, nothing to do with bandwidth.  My comment was simply about quantum encryption, and HUP making eavesdropping (man in the middle)  pointless.
Hashes, would change the second any observation was done due to HUP.

As far as everything else you were talking about - the only thing that made sense was the stuff about Q:wave being a worthless refrigerator, and nothing close to a Q computer.

If you think I had something confused, it is only because you mistook what I was saying - because I happen to know a little bit about this stuff.  So I apologize if I wasnt clear in what I was saying, but I am not mistaken.

BTW - your 1st bullet point made no sense.
quantum entanglement does appear to pass any data - therefore any mention of bandwidth, or data transfer is fundamentally incorrect.

All tests have shown that if data is passed in QE - its done faster than the speed of light - therefore - modern thought is data is not being transferred - it is the same electron in 2 places - not 1 sending data to another.
 

1.  I let my personal conviction that there is more going on with entanglement than is covered in "classical" Quantum Mechanics turn that point into total garbage and thanks for clarifying the dog poop nature of that one. 

 

2.  I was never originally talking about Quantum Encryption although I did manage to throw it into the dog poop anyways. I was simply saying that the CPU power Quantum or otherwise to blow through current hashes is in the immediate near term category. It is a current problem to make forecasts on what sort of hash you could apply today that will hold for a reasonable time frame. That was pretty much my entire concern with that one.

 

3. I have given zero thought to Quantum Encryption other than it seems to imply an alarming level of identity authentication to work out in practice. I'd love to be totally completely wrong about that.

 

4. I'm not wrong about "the risk" of IPV6 however. If you carry devices with a globally unique address and live in a home full of devices with globally unique addresses then it's much more of an inference than a conspiracy to predict that data will be gathered and portrayed to you as "improving" your security which is currently exactly what all the large tech companies are saying about connecting all your logins to your (GPS capable) cell phone number. I actually believe that Microsoft and others have good intentions with this and it will start out well. But they haven't thought through the IPv6 cloud of devices that will be connected to you eventually and how all that data goes to the Cloud and never dies. People find "stalkers" creepy but with the coming Big Data stream available to datamine and ML for every single individual one of us and not an anonymized aggregate, it seems to me that "Absolute Power Corrupts Absolutely" comes into play. Maybe as we go along lots of government oversight will gradually spring up but for some reason geeks just see the "infinite" addresses of IPV6 as a "good thing" and there is no conversation going on about what that means in human terms. I originally was excited about the giant RAM-like addressable space of IPV6 and might never have given this any thought except by accident it collided with a childhood memory of a friend's father rolling up his sleeve and showing me the serial number that had been tattooed on his arm in a German concentration camp. He was fortunate to survive and build a life but it's one of those memories that seem somehow life changing, It wasn't abstract from a book, I was looking intently at actual ink in his skin and how that number attempted to take away his right to be human. So maybe i'm worried about nothing. After all, correlation is not causation.

 

[+BudMan MVC]

So is the OP trying to know how to create hashes - and wondering why his doesn't match some websites?

 

I am still confused as to what this thread is actually about - just like most every other thread the OP has ever created

 

Now if we want to start talking about Quantum computing or entanglement that could be fun - but prob should be in a different section..

 

As to everyone having a global IP (ipv6) that can directly be tied back to them - I will agree that the security/privacy implications that this will bring forward would also be a great topic for discussion.. And yes this will change many aspects of security and privacy!!  That may have not been thought all the way through..

 

Keep in mind pretty much everyone currently carries around a phone that is tied to them and can quite easy track your very accurate location 24/7.. And then you also pay for goods with this device which just ads to the information available to where you are and what your doing..   This can be life saving for sure - but "privacy" could be a concern here is it not?  But people do not think of this - nor do they think about it when they use their CC or discount cards or that there are cameras everywhere that can do facial recognition very easy, etc. etc..

 

BTW its quite possible that the OP is very knowledgeable on what he is trying to discuss - but it is being lost in the translation... I would think that if I ran everything through google translate to mandarin or something and tried to discuss a technical topic with a native speaker that it could come off very confusing   I really do think this person is just running through some sort of translation software and their native language (whatever that might be, since clearly its not english) grammar/syntax does not translate over well.

 

While translation services can get basic topics and concepts across.  We are not quite to the universal translators of star trek as of yet   Or maybe wherever he is picking up english is just horrible (Maybe old Chinese kungfu movies with subtitles?) While sure he could order a beer or find the bathroom using it..  As to discussion of technical topics clearly there is a huge disconnection...  Or maybe he is just stoned??  Or I am? hehehe

 

Maybe there is someone here that speaks his native language, while also actually being fluent in english and could translate for us!!  I know for sure my understanding of any other language than english is limited to ordering a beer and saying good morning, night, day.  While beer is really the most important phrase you need to know when traveling.. heheh And can quite often be accomplished with pointing and grunting and or miming.. So I have a great admiration for anyone that can even somewhat converse in more than one language..  So I want to give the OP a lot of latitude - but it is becoming funny/frustrating all at the same time..

[kifirefox]

really the subject seems to be very wide, but get in quantum physics I think anybody here overreacting and super stimulating conversation on the topic.

 

Let's see, let's see this hash here and shows here the result.

https://www.sumatrapdfreader.org/download-free-pdf-viewer.html

https://www.sumatrapdfreader.org/dl/SumatraPDF-3.1.2-install.exe (x86)

[Jim K Global Moderator]

What are you asking kifirefox?  

 

I feel there is a language barrier somewhere ... but you've been given sound advice (download from the original source).  Not sure what you're asking regarding hash checking (I understand it...just not sure what you're asking).

 

As others have pointed out ... get the software from the developer's website (i.e. Firefox from mozilla.org).

[+BudMan MVC]

why???  Seems utterly freaking pointless..

 

Especially since the author doesn't seem to actually give what the hashes should be..

 

Only thing I can tell from that website is the author is I guess color blind, with zero creative web design background.. Looking for the dancing baby gif.. Should be on there somewhere

 

Is that you don't understand what the hashes are used for???  An author of a something.. Gives out the hashes, this is a way for someone to validate they have what the author intended the users to have.. It has not be altered and the download was good if your hash matches what the author says it should be.  If it does not match then either your download went wrong or someone altered the file..

 

The only point of someone posting the hash they get from that site would be to validate that say the one I get works, and here is it hash.. If you do not match that then your downloads are being corrupted and could explain why its failing to run/install/etc.

[xendrome]

55 minutes ago, kifirefox said:

really the subject seems to be very wide, but get in quantum physics I think anybody here overreacting and super stimulating conversation on the topic.

 

[kifirefox]

On 25/03/2017 at 7:13 AM, BudMan said:

So I see my hash in this file..

https://ftp.mozilla.org/pub/firefox/releases/52.0.1/SHA256SUMS

2856ffff9fefb0bbbad79f0b9fcfa471ff473c61610e3a5a0566b43de3cd4bb1  win64/en-US/Firefox Setup 52.0.1.exe

And in the 512

https://ftp.mozilla.org/pub/firefox/releases/52.0.1/SHA512SUMS

12401b9d67f78c0428891d6f00c21ec7d704b3edb0e38f79641b0e0b421f44f284841d0d025605c247691c219db80ac26d421e0669c3adf5d4e3e42175e17e08  win64/en-US/Firefox Setup 52.0.1.exe

 

 

https://ftp.mozilla.org/pub/firefox/releases/52.0.1/win64/en-US/

54c09b8d242ce24e90e2db2d2f1d3901

e83a50f5230571492e643e49333670f3ef3e40a3

2856ffff9fefb0bbbad79f0b9fcfa471ff473c61610e3a5a0566b43de3cd4bb1

 

https://ftp.mozilla.org/pub/firefox/releases/52.0.1/win64-EME-free/en-US/

34768d234d6eacaeae296762c53498a5

bd8d9cd90d61bd85d1775a04b38637b1f7dda0a6

393ea18ae57c5ea451da113617ea092fb94b76ad0a3f7b42c3e6053c0949fcaa

 

[xendrome]

1 minute ago, kifirefox said:

 

 

https://ftp.mozilla.org/pub/firefox/releases/52.0.1/win64/en-US/

54c09b8d242ce24e90e2db2d2f1d3901

e83a50f5230571492e643e49333670f3ef3e40a3

2856ffff9fefb0bbbad79f0b9fcfa471ff473c61610e3a5a0566b43de3cd4bb1

 

https://ftp.mozilla.org/pub/firefox/releases/52.0.1/win64-EME-free/en-US/

34768d234d6eacaeae296762c53498a5

bd8d9cd90d61bd85d1775a04b38637b1f7dda0a6

393ea18ae57c5ea451da113617ea092fb94b76ad0a3f7b42c3e6053c0949fcaa

 

Yes and your point? Two totally different files have two totally different hashes.

[Mindovermaster Moderator]

1 hour ago, xendrome said:

Yes and your point? Two totally different files have two totally different hashes.

Uhh, yeah. I was wondering myself wth he was talking about... They're two entirely different files, of course they have different hashes...

[Riggers]

Ok kifirefox, lets go about this a slightly different way...

 

Lets say you go to the Sumatra homepage like you linked to above and downloaded the 64Bit install exe. The Sumatra website has an entry stating what the hashes should be so after download the file is hash checked and you get this:

 

File: C:\xyz\SumatraPDF-3.1.2-64-install.exe
Size: 5208720 bytes
File Version: 3.1.2
Modified: 26 March 2017, 20:45:53
MD5: 904A7DC26E6326191374082BD9F2F753
SHA1: 593E9B0D96F07783DF13F1B311548069961465FB
CRC32: 6781FE2C

 

This is exactly the same as the Sumatra website said it should be so you can be pretty confident it hasn`t been tampered with in any way!

Now you go to some download site, say Softpedia or Filehippo and download SumatraPDF-3.1.2-64-install.exe then run it through your hash checker. If the result is exactly the same as it says on the Sumatra website then the file is exactly the same, if the hashes don`t match then you don`t know what the file is, it could be anything, ad wrapped, modified, etc...

[Eric Veteran]

On 3/25/2017 at 2:53 PM, kifirefox said:

I really do not understand why someone would download something on each separate site, having a website that provides all the programs on one site.

I just down my programs and utilities in download sites because it is easier to find than to search for google.

Has a lot of good download site to do your downloads, and the softpedia is one of the best.

Because of digital infections. Just get your software directly from the source. Softpedia is absoultely not "one of the best."

[kifirefox]

3 hours ago, Riggers said:

Ok kifirefox, lets go about this a slightly different way...

 

Lets say you go to the Sumatra homepage like you linked to above and downloaded the 64Bit install exe. The Sumatra website has an entry stating what the hashes should be so after download the file is hash checked and you get this:

 

File: C:\xyz\SumatraPDF-3.1.2-64-install.exe
Size: 5208720 bytes
File Version: 3.1.2
Modified: 26 March 2017, 20:45:53
MD5: 904A7DC26E6326191374082BD9F2F753
SHA1: 593E9B0D96F07783DF13F1B311548069961465FB
CRC32: 6781FE2C

 

This is exactly the same as the Sumatra website said it should be so you can be pretty confident it hasn`t been tampered with in any way!

Now you go to some download site, say Softpedia or Filehippo and download SumatraPDF-3.1.2-64-install.exe then run it through your hash checker. If the result is exactly the same as it says on the Sumatra website then the file is exactly the same, if the hashes don`t match then you don`t know what the file is, it could be anything, ad wrapped, modified, etc...

https://www.sumatrapdfreader.org/dl/SumatraPDF-3.1.2-64-install.exe

904a7dc26e6326191374082bd9f2f753

593e9b0d96f07783df13f1b311548069961465fb

6081686cacf010bccc0617a848f2963be7ec44f98dd1daf62dc8eae448195b93
 

 

 

[Mindovermaster Moderator]

Your point? MD5 and SHA1 are the same. CRC is probably different because it was modified on a different date.