|
Digitally
Signed Software
 |
Software vendors can digitally sign
and timestamp the software they distribute. The code
signing process ensures the end user knows the
digitally signed software is legitimate, comes from
a known software vendor and the code has not been
tampered with since being published.
All the
software products published by Digital Detective
have been digitally signed. This ensures that when
you use our software, you can verify that it has not
been tampered with and is a product developed and
released by Digital Detective Group.
|
|
This is
extremely important when using software for forensic
purposes. As a digital forensic
specialist/scientist, you demand excellence in the
products you use. You need to be sure that you
are using a genuine product which has been developed
and tested by the forensic software engineers at Digital Detective. |
 |
Installing Digitally Signed Software
When installing software products which have not
been digitally signed, you have no guarantee that they have
been produced by a legitimate software house or have been
tampered with by a third party. Would you really want
to rely upon software which has not been digitally signed in
a criminal or civil case? In Microsoft Windows Vista,
non-signed software will produce the dialogue box shown in
Image 1 below.
Image 1
When installing software that
has been signed, Microsoft Windows Vista will show the
dialogue in Image 2. This image shows that the
publisher is Digital Detective Group.
Image
2
When you select run, Microsoft
Windows Vista User Account Control asks for permission to
continue. UAC is designed to stop unauthorised changes
to your computer. In this case (Image 3), the dialogue
shows that the software you are installing is NetAnalysis
v2 and is published by Digital Detective Group.
This is because the setup executable has also been digitally
signed.
Image
3
Verifying Digitally Signed Software
To verify the digital signature
embedded within an individual executable or DLL, simply
right click on the item and select properties. This
will show the dialogue (Image 4) below. If the
software does not have a Digital Signature tab, then it has
not been digitally signed or the file has been tampered
with.
Clicking on the Digital
Signature tab shows the name of the signer, a contact email
address and a timestamp reflecting the date the file was
signed.
Image
4
Selecting the signature and
clicking on the details button opens another dialogue (Image
5). This allow you to verify whether the digital
signature is valid and also get further information from the
original digital certificate. This dialogue shows that
this executable file was digitally signed by Digital
Detective Group on November 2nd at 11:14:21 hours.
Image
5
As a further level of security,
all Digital Detective software downloads are MD5 hashed so
that you can verify the content has not been tampered with.
Please ensure that you only download Digital Detective
products from this website. Digital Detective does not
host any of our downloads on servers which are not
controlled by us. Image 6 below shows the MD5 section
for a download. Once the software has been obtained, the MD5
hash can be verified using your tool of choice.
Image
6
|