PocketHash
PocketHash
Just submitted to DB
http://www.portablefreeware.com/index.php?id=2713
100% Stealth portable AFAICT.
http://www.portablefreeware.com/index.php?id=2713
100% Stealth portable AFAICT.
Re: PocketHash
Thanks but maybe you should send pockethash.exe to VirusTotal first to resolve the warning issue
Also, we do not have a member/user by the name hexatomium... please fix the "Suggested by" field.
Also, we do not have a member/user by the name hexatomium... please fix the "Suggested by" field.
Re: PocketHash
Thanks for checking!
What kind of warning do you get?
According to VirusTotal, it's clean, so I'm a little confused:
https://www.virustotal.com/en/file/c18a ... /analysis/
I have fixed the "suggested by" field and put my own username, as the author is a friend of mine.
What kind of warning do you get?
According to VirusTotal, it's clean, so I'm a little confused:
https://www.virustotal.com/en/file/c18a ... /analysis/
I have fixed the "suggested by" field and put my own username, as the author is a friend of mine.
Re: PocketHash
Avast blocks the download.
Avast is prone to false positives on portable versions of standard software. Normally OK on standard freeware
Suggest you resolve this somehow
Avast is prone to false positives on portable versions of standard software. Normally OK on standard freeware
Suggest you resolve this somehow
Re: PocketHash
What is the detection name, or the reason given?JohnW wrote:Avast blocks the download.
Avast is prone to false positives on portable versions of standard software. Normally OK on standard freeware
Suggest you resolve this somehow
I will submit a false positive report to Avast.
FPs are more and more of a PITA for small indie devs.
Code signing sometimes helps, but is costly.
Re: PocketHash
Avast describes the infection as DRep
Re: PocketHash
Avast Web Shield blocks it; DRep (DomainRep).flatfly wrote:Thanks for checking!
What kind of warning do you get?
See https://forum.avast.com/index.php?topic ... msg1164286
Tested PocketHash v1.03: Portable
Re: PocketHash
Please consider removing the link that "opens the homepage of PocketHash."
Re: PocketHash
The next version will look something like this (and will support SHA-256 as well). Does that look better to you?I am Baas wrote:Please consider removing the link that "opens the homepage of PocketHash."
Re: PocketHash
Looks good. Can I also make a few suggestions?flatfly wrote:Does that look better to you?
First, referencing my favorite simple hasher for a long time Hash:
- Copy button for the entire output
- Log file style output window
Second, if you're okay with some configuration (ability to change settings):
- The ability to swap out for a given set of hashes
- Support for CRC32 and all the SHAs
I can mockup something if that sounds interesting.
Re: PocketHash 1.17
PocketHash at version 1.17, screens:
PocketHash version 1.17 - without hex preview (animated image):
PocketHash version 1.17 - with hex preview (animated image):
To use PocketHash safely I blocked VirusTotal using hosts file:
PocketHash version 1.17 - without hex preview - virustotal blocked (animated image):
PocketHash version 1.17 - with hex preview - virustotal blocked (animated image):
I would like to thank the developer for adding several enhancements I suggested.
PocketHash version 1.17 - without hex preview (animated image):
PocketHash version 1.17 - with hex preview (animated image):
To use PocketHash safely I blocked VirusTotal using hosts file:
PocketHash version 1.17 - without hex preview - virustotal blocked (animated image):
PocketHash version 1.17 - with hex preview - virustotal blocked (animated image):
I would like to thank the developer for adding several enhancements I suggested.
Re: PocketHash
Since we're debating this, the ability to write a specific hash directly to file in a standard fashion is my foremost requirement.
All the copy buttons are fine and dandy for irregular use, but wouldn't it be more convenient if you dropped a file (or a set) on Pockethash and get a '[same_filename].md5' straight away containing the corresponding hash ready for later verification, for example?
Regarding webfork's doubts on the best choice of hashing standards, let me refer back to Wikipedia's article on "Hash function security summary", based on which I advocate that crc32, md5 and SHA-1 must be retained for historical reasons, but that SHA256 is now the absolute baseline for anyone concerned with this.
Also note that more obscure standards can be freely added to the mix but most of them are currently considered severely impaired from a security point of view.
Lastly, I agree with smaragdus that VirusTotal checking should be made optional: no one wants to be submitting a log of all their hashing operations to a Google subsidiary on a permanent basis.
All the copy buttons are fine and dandy for irregular use, but wouldn't it be more convenient if you dropped a file (or a set) on Pockethash and get a '[same_filename].md5' straight away containing the corresponding hash ready for later verification, for example?
Regarding webfork's doubts on the best choice of hashing standards, let me refer back to Wikipedia's article on "Hash function security summary", based on which I advocate that crc32, md5 and SHA-1 must be retained for historical reasons, but that SHA256 is now the absolute baseline for anyone concerned with this.
Also note that more obscure standards can be freely added to the mix but most of them are currently considered severely impaired from a security point of view.
Lastly, I agree with smaragdus that VirusTotal checking should be made optional: no one wants to be submitting a log of all their hashing operations to a Google subsidiary on a permanent basis.
Re: PocketHash
Hash function security matters only if you're concerned about the possibility that someone has intentionally replaced the file with something malicious but retained the hash (which, AFAIK, is only a theoretical possibility, and no one has actually carried out such an attack in the wild). If you're only checking if the file has corrupted during the download, MD5 or even CRC32 is fine.Midas wrote: ↑Sat Jun 23, 2018 4:57 am Regarding webfork's doubts on the best choice of hashing standards, let me refer back to Wikipedia's article on "Hash function security summary", based on which I advocate that crc32, md5 and SHA-1 must be retained for historical reasons, but that SHA256 is now the absolute baseline for anyone concerned with this.
My YouTube channel | Release date of my 13th playlist: August 24, 2020
Re: PocketHash
Sidenote: I like the icon the user selected.
Agreed. As useful as VirusTotal checks are, it's ideal to make them available but disabled by default. An increasing number of connection points are used by Google, so just submitting them outside adds to a user profile.
Agreed. Corruption checks are fairly easy for computers and even ancient algorithms (like CRC32) are more than adequate. It's that files can be crafted by computers to appear legitimate is the major threat and really only SHA-256 is (currently) considered safe.
Re: PocketHash
I solved my own problem with md5deep: check the script at viewtopic.php?t=24253...Midas wrote: ↑Since we're debating this, the ability to write a specific hash directly to file in a standard fashion is my foremost requirement.