[1/π§΅] A brief #thread on how to properly download and verify your newest #IOTA #Firefly Windows version. π 
[2/10] You might be wondering why @iota doesn't allow you to download & upgrade the version via the client.
To be honest, this would definitely improve usability (#UX), but it would also need the user to trust the DL content.
That is precisely what we do not want with #crypto.
To be honest, this would definitely improve usability (#UX), but it would also need the user to trust the DL content.
That is precisely what we do not want with #crypto.
[3/10] Who knows whether the network path from #github to your PC wasn't intercepted and a man in the middle (#MITM) replaced your downloaded program with a slightly different one.
To ensure that the program you are installing is the one meant for you, verify the #hashes. π
To ensure that the program you are installing is the one meant for you, verify the #hashes. π
[4/10] Before we get into the technicalities, let me demonstrate & prove to you that altering just a small portion of whatever you're hashing results in an entirely different hash
1β£ β A notepad file beginning with the letter "a"
2β£ β A notepad file beginning with the letter "b"
1β£ β A notepad file beginning with the letter "a"
2β£ β A notepad file beginning with the letter "b"
[5/10] The same is true for any other program, including the #firefly desktop wallet.
So, to be absolutely certain that nothing has changed, we must manually (I know, it's a pain) compare the #hash that we produced ourselves to the one that was given to the public.
#LFG π€
So, to be absolutely certain that nothing has changed, we must manually (I know, it's a pain) compare the #hash that we produced ourselves to the one that was given to the public.
#LFG π€
[6/10] Step 1β£ β Download the software
First, we download the latest application from #github as normal.
For this, we examine the release candidates that have been publicly *cough* released. π
github.com/iotaledger/firβ¦
First, we download the latest application from #github as normal.
For this, we examine the release candidates that have been publicly *cough* released. π
github.com/iotaledger/firβ¦
[7/10] Step 2β£ β Open CMD.exe
Next, we launch #cmd.exe (without administrative privileges) and enter the following:
βΆοΈ cd %userprofile%\Downloads
(We are now inside the folder containing the #IOTA #Firefly wallet software.)
Next, we launch #cmd.exe (without administrative privileges) and enter the following:
βΆοΈ cd %userprofile%\Downloads
(We are now inside the folder containing the #IOTA #Firefly wallet software.)
[8/10] Step 3β£ β Generate a SHA256 hash
To accomplish so, enter the following command after accessing your "Downloads" folder:
βΆοΈ certutil -hashfile "firefly-desktop-1.7.1.exe" SHA256
To accomplish so, enter the following command after accessing your "Downloads" folder:
βΆοΈ certutil -hashfile "firefly-desktop-1.7.1.exe" SHA256
[9/10] Step 4β£ β Compare the hashes
We're almost there! π
The next step is to compare the #SHA256 hash we generated with the one the @iota Foundation published on #github to determine whether or not our download was tampered with.
We're almost there! π
The next step is to compare the #SHA256 hash we generated with the one the @iota Foundation published on #github to determine whether or not our download was tampered with.
[10/10] That seems good to me! π₯³
If you don't believe me and want the official guide and walk-through, here it is:
wiki.iota.org/introduction/hβ¦
That's all! If you appreciated it and learned something from it, please add your name to my list of followers: @krippenreiter π»
If you don't believe me and want the official guide and walk-through, here it is:
wiki.iota.org/introduction/hβ¦
That's all! If you appreciated it and learned something from it, please add your name to my list of followers: @krippenreiter π»
@threadreaderapp unroll
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
γ
