• Welcome to Support Forum: Get Support for Patch My PC Products and Services.
 

Do you verify the integrity of software before providing them to us?

Started by Isaak, March 28, 2018, 02:29:33 AM

Previous topic - Next topic

Isaak

Hi

Many software producers provide users with hashes or PGP signatures that verify the integrity of the files, so that what they provide also is what you get and not a manipulated version that contains some kind of malware or backdoor.

Do you also verify the file integrities in this way before providing them to us through the PatchMyPC software?

Thanks for your software :-)

Justin Chalfant (Patch My PC)

Hey,

Great question. Right now, we ensure we always use the official mirrors provided by vendors. We aren't currently doing hash comparisons to compare the installer tested during our update vs the file downloaded. Since many applications use the same URL's for the current versions download hash mismatches would happen all the time.

Isaak

It would be really helpful if you did verify the integrity of all the software. For some software it's essential to guarantee as much as possible that the software has not been manipulated. I'm talking for example about password managers like KeePass.