I came across this forum post, https://portableapps.com/node/18388, about using the digital signature to check if a file has been downloaded correctly.
I will be travelling to a country that is known to seed incorrect files for known encryption products and browsers. i.e. If you try to download EFF's TOR, you will get a fake version of tor that will install malware instead. This is why there are PGP signatures on the website along with the downloaded files.
I am thinking about manually downloading and checking the md5 and signatures of the paf.exe files instead of using the PortableApps platform, but this will mean I won't know when to update Google Chrome Portable and may leave myself vulnerable to a flash exploit.
Essentially, I was wondering whether the automated updates via the PortableApps Platform, have any md5 or digital signature check.
Visit the Community page
Join our forums