Just downloading some updates and checking #SHA hashes, like you do. Insofar as people actually bother, I wonder how many people just look at the first few digits and the last few digits and call it a day. Which raises a question: has anyone ever explored the idea of hash "partial" collisions in a crypto context? I.e. if the first and last 8 hex digits are the same, but the middle could differ. Might be a useful thing for some attackers trying to deposit nasty things in public repositories. #Malware#HashCollisions#Cryptography#Software#InfoSec#SupplyChain