Checking for Unsigned Programs

Checking for a publisher's or developer's digital signature is very important from a security standpoint. Downloading a file that has not been verified as coming from a legitimate source may cause issues, because the file may need a host to wreak havoc on. Even worse, an unverified program that has been installed can do a number of things to your system, especially if it is able to make changes using administrative privileges.

Now that I know about Sigcheck, I may have to employ it more often when downloading executables from the Internet. It provides you with a plethora of information, such as whether the file is verified, when it was signed, the publisher, the version and, most importantly, the digital hashes (MD5, PESHA1, PE256 and SHA256). A few of the files and executables are unsigned, so I will have to do further research as to what they actually are. The overall security of my systems at home is very high; Sigcheck will bring them one step closer to being even more secure.

Verification of a digital signature meets a few of the objectives of information security, such as Integrity, Authentication and Accounting. Integrity and Accounting can play the same role here, in that you know that the file or program you let into your system is legitimate. For Authentication, you verify the file's or program's digital signature and match it against a known signature from the developer. Skipping that check is like allowing a person access to a nuclear power plant without first verifying who they are and what their purpose is.
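
An added example, not part of the original post: it triages Sigcheck results by reading CSV text in the shape written by `sigcheck -c -h`, reduced to four columns whose names are assumed here, and checks each file against a hypothetical publisher allowlist and a table of vendor-published SHA256 values. All rows, publisher names and hashes are constructed.

```python
import csv
import io

# Constructed sample in the shape of `sigcheck -c -h` CSV output, reduced to
# the columns read below. Column names are assumed; hashes are made up.
SAMPLE = """Path,Verified,Publisher,SHA256
C:\\Downloads\\setup.exe,Signed,Example Software Ltd,{a}
C:\\Downloads\\tool.exe,Unsigned,n/a,{b}
C:\\Downloads\\patch.exe,Unsigned,n/a,{c}
C:\\Downloads\\other.exe,Signed,Unknown Vendor,{d}
""".format(a="A" * 64, b="B" * 64, c="C" * 64, d="D" * 64)

TRUSTED_PUBLISHERS = {"Example Software Ltd"}   # hypothetical allowlist
PUBLISHED_SHA256 = {"tool.exe": "b" * 64}       # hashes copied from the vendor's site


def triage(csv_text, publishers, published):
    """Return {path: verdict} for each row of Sigcheck CSV output."""
    verdicts = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        path = row["Path"]
        name = path.replace("\\", "/").rsplit("/", 1)[-1].lower()
        # Hash case may differ between tools, so compare in lower case.
        digest = row["SHA256"].strip().lower()
        expected = published.get(name)
        if expected is not None and digest != expected.lower():
            # A published hash exists and does not match: fail regardless of signature.
            verdicts[path] = "HASH MISMATCH"
        elif row["Verified"].strip() == "Signed":
            ok = row["Publisher"].strip() in publishers
            verdicts[path] = "trusted" if ok else "signed, unknown publisher"
        elif expected is not None:
            verdicts[path] = "unsigned, hash matches published value"
        else:
            # Any status other than "Signed" with nothing to compare against.
            verdicts[path] = "unsigned, unverified"
    return verdicts


if __name__ == "__main__":
    results = triage(SAMPLE, TRUSTED_PUBLISHERS, PUBLISHED_SHA256)
    for path, verdict in results.items():
        print(f"{verdict:40} {path}")
```
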

When I download files from any peer-to-peer site, I appreciate it when the authors of the files add an MD5 hash. I also read all the comments to see if the file or program functions properly or if it has any special instructions. It reminds me of the U.S. Cyber Command’s (USCYBERCOM) mission statement, which has an MD5 hash embedded in their logo.

9ec4c12949a4f31474f299058ce2b22a