Many of us see the term checksum and checksum outputs frequently but don’t really take the time to run them — oftentimes we simply trust the file we’ve downloaded is in working order and from the original source. This past weekend when I was attempting to recover my Bitcoin Cash, however, I wasn’t willing to chance it — I wanted to ensure the app/file hadn’t been compromised in any way.
For those who don’t know what a checksum is, I think this definition from Lifewire is helpful:
A checksum is the outcome of running an algorithm, called a cryptographic hash function, on a piece of data, usually a single file. Comparing the checksum that you generate from your version of the file, with the one provided by the source of the file, helps ensure that your copy of the file is genuine and error free.
Armed with the file I wanted, and the verified checksum provided by the author, I ran a checksum on the file in question:
shasum 1 logo.png # shasum: 1: # e78c5ca49b926a15b3d4e5107f3b17b2cc6fd54b logo.png
shasum is Mac’s command line command for checking checkums. The first argument represents which sha hash value you want to use (sha-1, sha-256, etc.) . The last argument is the file to check.
When it comes to financial and critical apps and files, it’s probably worth your time to run a quick checksum to ensure what you’ve downloaded is what you really want!