I am a long time user of Sumatra PDF and I am very happy with the software overall. However, I am concerned that there are no checksums published on the website to cross check file integrity against the common hash algorithms such as MD5 (Deprecated), SHA1, SHA256, etc…
Is there a reason this layer of security is not being implemented?
Thank you for your time, and for everyone’s contributions to this project.
Publishing upstream hashes is only useful to check if a download is similar then that requires a tool to do the confirmation.
In theory every older SumatraPDF.exe has its own multiple onboard hash checks so you should very easily check a download was not corrupted/broken by looking to see the Authentication Cert is valid even if they are now out of date.
However at present the pre-releases don’t have certificates (upto $1000 for 3 years validity) so the simplest test is to use Virustotal to compare
Server
Download
