[tor-talk] How can I verify that this "Onionshare" program is indeed the one intended for me to get?

oliver kafkane at riseup.net
Sat Nov 14 18:45:41 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Qaz:
> how I can verify that this
> Onionshare program is indeed the one intended for me to get?

this program is not affiliated with the Tor Project, so in order to get
specific assistance you'll have to talk to the original developer, Micah
Lee.

i'll help you, though. it appears you're fetching the project source
code from Micah's github repository for the project. the only way i can
think of verifying the authenticity is to hash the .deb file you build
before you install it.

i'm building on debian. my sha256 hash is below:

c6437462011f4d103df4f7407edfcfdd0df646dd274c9f61d1f10baecf094f13
deb_dist/onionshare_0.7.1-1_all.deb

good luck.

- -- 
oliver (A)

kafkane at riseup.net
4096R/AF2D5D34EEFBBDDF9542F95BFAEF521A729674D7
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWR4FVAAoJEBPontSk+sK875sP/jYYT58zeSK2xMlubMKFbmiN
LRiiTXXhFQoC17L6GiAa9Xn2TlSXj/23TTnEx06xqDa6ZJXCTf9m2zv/zE4LZlOw
0Ch8ZZdZWmgmU40+ge2loZV8ek8HTjz42JgpEzD7J74PdFXvdkHfkJdJjLQXtrqT
i2vusuPa2lbAq9bYppMPbM4uWDCPr+YT3dG6EFCYYgAYMfXEwIPEusY2veNHRqsj
3dbgPZofH2vSelOyayLOWZg9NSdkfyJwrwFZdUu4dAGvX/KJ6hjdGwH9H5/L06LD
GXx9iIHoHtgDfBtyt3pdr28ryMlKBAcUBRKEIofxdCgLbRJJWgDUneUMWFTv5kdP
XBTybF+WGHutM42q7j8rn5iZOU6Fsza3Xqp25NUFlzeUjVg5UxhcCU+mDTSrK6IO
Qma5AazQbrmYMufBPNoIkdKgYr62IrvzYqFl1nObQd5AtppwAwQnOFT1EFHBtvZ6
1gDW0DvM/J5N9ZIJ9rBgRfHj8UoSxS/CinyAljuPMu3vYXd3KtEXZgmMlRzRVQuM
Nbz0WCa0c8CFdVFcGG7L76Fu29fz6PupsmA0grXvorw7smZ0UzYNsTkJh8JwFCDV
PrYiE59nQSl6EmQiM7QHSPoLS+IOrk6H0pIJ6KI8QW2KJnqQ3+PeCWnSVMu6QL89
QJiE1HgRSziHc0r7Kwij
=7uJd
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list