[1/๐งต] A brief #thread on how to properly download and verify your newest #IOTA #Firefly Windows version. ๐ 
[2/10] You might be wondering why @iota doesn't allow you to download & upgrade the version via the client.
To be honest, this would definitely improve usability (#UX), but it would also need the user to trust the DL content.
That is precisely what we do not want with #crypto.
To be honest, this would definitely improve usability (#UX), but it would also need the user to trust the DL content.
That is precisely what we do not want with #crypto.
[3/10] Who knows whether the network path from #github to your PC wasn't intercepted and a man in the middle (#MITM) replaced your downloaded program with a slightly different one.
To ensure that the program you are installing is the one meant for you, verify the #hashes. ๐
To ensure that the program you are installing is the one meant for you, verify the #hashes. ๐
[4/10] Before we get into the technicalities, let me demonstrate & prove to you that altering just a small portion of whatever you're hashing results in an entirely different hash
1โฃ โ A notepad file beginning with the letter "a"
2โฃ โ A notepad file beginning with the letter "b"
1โฃ โ A notepad file beginning with the letter "a"
2โฃ โ A notepad file beginning with the letter "b"
[5/10] The same is true for any other program, including the #firefly desktop wallet.
So, to be absolutely certain that nothing has changed, we must manually (I know, it's a pain) compare the #hash that we produced ourselves to the one that was given to the public.
#LFG ๐ค
So, to be absolutely certain that nothing has changed, we must manually (I know, it's a pain) compare the #hash that we produced ourselves to the one that was given to the public.
#LFG ๐ค
[6/10] Step 1โฃ โ Download the software
First, we download the latest application from #github as normal.
For this, we examine the release candidates that have been publicly *cough* released. ๐
github.com/iotaledger/firโฆ
First, we download the latest application from #github as normal.
For this, we examine the release candidates that have been publicly *cough* released. ๐
github.com/iotaledger/firโฆ
[7/10] Step 2โฃ โ Open CMD.exe
Next, we launch #cmd.exe (without administrative privileges) and enter the following:
โถ๏ธ cd %userprofile%\Downloads
(We are now inside the folder containing the #IOTA #Firefly wallet software.)
Next, we launch #cmd.exe (without administrative privileges) and enter the following:
โถ๏ธ cd %userprofile%\Downloads
(We are now inside the folder containing the #IOTA #Firefly wallet software.)
[8/10] Step 3โฃ โ Generate a SHA256 hash
To accomplish so, enter the following command after accessing your "Downloads" folder:
โถ๏ธ certutil -hashfile "firefly-desktop-1.7.1.exe" SHA256
To accomplish so, enter the following command after accessing your "Downloads" folder:
โถ๏ธ certutil -hashfile "firefly-desktop-1.7.1.exe" SHA256
[9/10] Step 4โฃ โ Compare the hashes
We're almost there! ๐
The next step is to compare the #SHA256 hash we generated with the one the @iota Foundation published on #github to determine whether or not our download was tampered with.
We're almost there! ๐
The next step is to compare the #SHA256 hash we generated with the one the @iota Foundation published on #github to determine whether or not our download was tampered with.
[10/10] That seems good to me! ๐ฅณ
If you don't believe me and want the official guide and walk-through, here it is:
wiki.iota.org/introduction/hโฆ
That's all! If you appreciated it and learned something from it, please add your name to my list of followers: @krippenreiter ๐ป
If you don't believe me and want the official guide and walk-through, here it is:
wiki.iota.org/introduction/hโฆ
That's all! If you appreciated it and learned something from it, please add your name to my list of followers: @krippenreiter ๐ป
@threadreaderapp unroll
โข โข โข
Missing some Tweet in this thread? You can try to
force a refresh
ใ
