Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Checksum question

S

SkVan

Suspended
Original poster
Jun 5, 2016
19
11
Since Mavericks is no longer offered by Apple (either free of paid), I had a friend ask her classmate to upload a copy for me since she has it tied to her Mac App Store account.

If the MD5 and SHA256 hashes match with the hashes of the legit download, can I be assured that the OS X installer has not been tampered with and is safe?
 
SkVan said:
Since Mavericks is no longer offered by Apple (either free of paid), I had a friend ask her classmate to upload a copy for me since she has it tied to her Mac App Store account.

If the MD5 and SHA256 hashes match with the hashes of the legit download, can I be assured that the OS X installer has not been tampered with and is safe?
Click to expand...

Correct.
 
  • Like
Reactions: SkVan
BeefCake 15 said:
Correct.
Click to expand...
Thanks.

Are you aware of any reports of OS X itself being compromised by malware by hackers through modified downloads?

Like, could an infected OS X image compromise a Mac's BIOS/EFI (whatever it's called, the boot) or would it only compromise the install of OS X (which could then be amended by a wipe+clean install)?

Cheers.
 
SkVan said:
Thanks.

Are you aware of any reports of OS X itself being compromised by malware by hackers through modified downloads?

Like, could an infected OS X image compromise a Mac's BIOS/EFI (whatever it's called, the boot) or would it only compromise the install of OS X (which could then be amended by a wipe+clean install)?

Cheers.
Click to expand...

That would be a huge breakthrough to be able to beat the MD5 and hashes of the OS X installation. I'm not aware of any compromise of that sort and don't expect it to be a big issue as the majority of OS X installation come from the App Store to the users.
 
  • Like
Reactions: SkVan
BeefCake 15 said:
That would be a huge breakthrough to be able to beat the MD5 and hashes of the OS X installation. I'm not aware of any compromise of that sort and don't expect it to be a big issue as the majority of OS X installation come from the App Store to the users.
Click to expand...
MD5 is broken since 2005. SHA-256 and SHA-512 are the current standards for cryptographic file checksums.
 
  • Like
Reactions: BeefCake 15 and 997440
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back