User Tools

Site Tools


file_integrity
Advertisement

File Integrity

What is a Checksum?

Without going to into much detail on this, a checksum is generated, in our case by our mercurial repository, based on the bytes contained in our viewer installers. If you would like to know more about checksums, then please see this Wiki document about checksums. We provide checksums for our downloads for several reasons, namely:

  • To provide our users with an option to check if the downloaded installer is authentic.
  • To provide our users with an option to check if their download was actually 100% successful.

We've said this many times in support, and we will say it again here: Do not download Phoenix Viewer from any sites other than http://phoenixviewer.com.

Why is This so Important?

It has come to our attention that some currently unknown people are providing downloads to Phoenix Viewer, however the installers provided by these people may contain malicious elements, or elements that violate the Second Life Terms of Service. If you are using a Phoenix Viewer which you have obtained from a different site, then you are putting your privacy and possibly personal information at risk.

How do I Know if My Installer is Authentic?

Windows

On Windows systems, you can download HashChecker which is an Open Source File Integrity Checker. After installing HashChecker, you can right click the Phoenix Viewer installer, and then Properties.
You will find a new tab called Checksums, in which you will see various checksums displayed.
Since we provide you with an SHA1 Hash, you can copy the hash displayed for the installer you downloaded, and enter this hash into the search field of HashChecker. If this entered Hash was found, your installer is authentic and quite likely not corrupted.

linux

On most linux distros, the command to use is sha1sum. On ubuntu distros and derivatives, this is part of the coreuitls package so should already be present on your system.

This is run from terminal. So once you have downloaded the archive, open Terminal and go to the directory where you saved it. The command syntax is:

sha1sum [name of archive]

This will generate the SHA1 checksum for the compressed file. A good way to have the checksum verified against the one supplied is to do something like the following example:

sha1sum archive_name | grep "1e90efcc4060e9220a257adbdf37174a4684b400"

Replace archive_name with the full name of the downloaded file you are checking, and the long number in quotes with the SHA1 checksum supplied on the Phoenix website. If the two values match exactly, grep will show the checksum; if they do not match, grep will show nothing.

Mac

To authenticate your Phoenix download on a Mac:

  • Open your Finder and locate the installer in your Downloads folder: [YOUR USERNAME]
  • Go to Applications/Utilities and open Terminal as well.
  • At the prompt in the Terminal window, type the following but do not hit Return/Enter yet:
  /usr/bin/openssl sha1
  • Note: There should be a single blank space at the end of the line, after “sha1”.
  • Drag the Phoenix installer from Downloads into the Terminal window. A path will appear that will look like this or similar, depending on the version of the viewer you are installing:
  /Users/[YOUR USERNAME]/Downloads/Phoenix_Viewer_1.5.2.1102_Intel.dmg    
  • You are dragging the installer itself, not the unpacked contents of the installer.
  • Now press Return/Enter.
  • After a moment, a line of text resembling this will appear:
  SHA1 (/Users/[YOUR USERNAME]/Downloads/Phoenix_Viewer_1.5.2.1102_Intel.dmg)=2eb722f340d4e57aa79bb5422b94d556888cbf38
  • The long string of letters and numbers is the checksum.
file_integrity.txt · Last modified: 2011/06/05 10:39 by miro.collas