
I just started a download of a large file. Checksums were placed prominently on the download page. But I just realized that I actually never made use of any of the checksums provided for download integrity verification.

What are the reasons browsers do not provide such a feature from a security perspective?

Many browsers do show some sort of popup when the download starts. So it would make sense there to have an option to enable verification.

SpaceTrucker

  • Because it's not standardized. – Lucas Kauffman Aug 14 '15 at 07:54
  • Some download managers provide this (e.g. the DownThemAll add-on in Firefox). This question is more a question for the browser people than a question about security. – M'vy Aug 14 '15 at 08:21
  • Even though there are some implications concerning user experience and browser design/standardization, there are security implications as well, because a lot of downloads are still handled via plain HTTP and can be intercepted and manipulated, for example. – SpaceTrucker Aug 14 '15 at 08:36
  • If the file and the checksum are sent using the same channel there is no use (if you can intercept and modify the document you can intercept and modify the checksum). – grandchamp robin Aug 14 '15 at 08:43
  • They do. The feature is called TLS. – user253751 Jan 31 '16 at 21:44

1 Answer


Because it's not needed.

All protocols which are commonly used to download files either have a built-in mechanism to ensure the integrity of the data stream or rely on a lower-level protocol (like TCP) to provide it. This is a reliable precaution against accidental corruption of files in transfer.

When it comes to intentional corruption of files by a man-in-the-middle: any attacker who can modify the data stream of the download itself can very likely also modify the data stream which is used to transfer the checksum, so it would not be an efficient security precaution.

Such checksums only make sense when the website which advertises the file and the website which hosts the file are under the control of different entities, like when you outsource your downloadable files to a third-party file hoster. But to automate this, we would need a protocol which gives one server the authority to say which files on another server are authentic. Such a protocol would have plenty of abuse potential.

Philipp

  • Regarding MITM: according to [this question](http://security.stackexchange.com/questions/18853/why-arent-application-downloads-routinely-done-over-https) it is common to have the download page loaded via https and the download via http. So a MITM might only have access to the file download itself. – SpaceTrucker Aug 14 '15 at 09:46
  • A very simple protocol could be: browser requests `software.com/download`; `software.com` responds with `HTTP 30?, DownloadChecksum: ..., Location: shadymirror.org/filez/12399583`; browser downloads from `shadymirror.org` but verifies the checksum from `software.com`. This would only work for mirrors that support direct links, of course, so they couldn't force you to show ads or whatever, but those problems are also solvable. – Bart van Heukelom Jul 15 '20 at 12:48
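The exchange sketched in the last comment, as an added example that is not part of the original question, answer or comments: a small Python model of an origin server that redirects to a mirror and carries the expected checksum in a hypothetical `DownloadChecksum` header, a mirror that may or may not have been tampered with, and a client that verifies the downloaded bytes before accepting them. The same block also models the answer's same-channel case, where the mirror publishes the checksum next to the file, to show why verification there catches nothing. The header name, host names, URL and file contents are all constructed for the example; nothing here is a real HTTP header or an existing browser feature.

```python
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass, field

# Constructed sample payloads standing in for a genuine download and a tampered one.
GENUINE_FILE = b"genuine installer bytes, version 1.0\n" * 64
TROJANED_FILE = b"trojaned installer bytes, version 1.0\n" * 64


@dataclass
class Response:
    """Minimal stand-in for an HTTP response: status, headers, body."""
    status: int
    headers: dict[str, str] = field(default_factory=dict)
    body: bytes = b""


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def origin_redirect() -> Response:
    """software.com (hypothetical): reached over an authenticated channel, it does not
    serve the file itself but redirects to a mirror and states the checksum it expects.
    'DownloadChecksum' is an assumed header name for this example, not a real header."""
    return Response(
        status=302,
        headers={
            "Location": "http://shadymirror.org/filez/12399583",
            "DownloadChecksum": "sha256=" + sha256_hex(GENUINE_FILE),
        },
    )


def mirror_serve(tampered: bool) -> Response:
    """shadymirror.org (hypothetical), plain HTTP: an attacker on the path, or the
    mirror operator, may have swapped the file."""
    return Response(200, {"Content-Type": "application/octet-stream"},
                    TROJANED_FILE if tampered else GENUINE_FILE)


def mirror_serve_with_checksum(tampered: bool) -> tuple[Response, str]:
    """Same-channel case from the answer: the mirror publishes the checksum next to
    the file, so whoever rewrites the file rewrites the checksum to match."""
    resp = mirror_serve(tampered)
    return resp, "sha256=" + sha256_hex(resp.body)


def parse_checksum(value: str) -> str:
    """Accept only 'sha256=<64 hex chars>'; anything else is a malformed header."""
    algo, sep, digest = value.partition("=")
    digest = digest.strip().lower()
    if algo.strip().lower() != "sha256" or not sep or len(digest) != 64:
        raise ValueError(f"unsupported or malformed checksum: {value!r}")
    int(digest, 16)  # raises ValueError on non-hex characters
    return digest


def verify(body: bytes, declared: str) -> bool:
    """Constant-time comparison of the body's digest against the declared one."""
    return hmac.compare_digest(sha256_hex(body), parse_checksum(declared))


def client_download(tampered_mirror: bool) -> bool:
    """Browser side of the sketched protocol: take the checksum from the redirect
    (the origin's channel), fetch the bytes from the mirror, verify before accepting."""
    redirect = origin_redirect()
    if redirect.status != 302 or "DownloadChecksum" not in redirect.headers:
        raise RuntimeError("origin did not provide a checksum to verify against")
    file_resp = mirror_serve(tampered_mirror)  # would follow redirect.headers["Location"]
    return verify(file_resp.body, redirect.headers["DownloadChecksum"])


def client_download_same_channel(tampered_mirror: bool) -> bool:
    """Checksum and file from the same unauthenticated source: verification passes
    whether or not the file was tampered with, which is the answer's point."""
    file_resp, published = mirror_serve_with_checksum(tampered_mirror)
    return verify(file_resp.body, published)


if __name__ == "__main__":
    print("separate channel, honest mirror:  ", client_download(False))  # True
    print("separate channel, tampered mirror:", client_download(True))  # False
    print("same channel, tampered mirror:    ", client_download_same_channel(True))  # True
```

The only configuration in which the check rejects the trojaned file is the one where the checksum arrived over a channel the attacker could not touch; with the checksum published beside the file, the tampered download verifies cleanly, which is exactly why a browser-side checksum option on its own buys nothing over TLS on the download itself.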