Has Bitwarden released a sha256 checksum for their downloads? If not, how can I be sure the file I am downloading is authentic? Seems like it defeats the purpose of open source if you can’t check the hash.
1 Like
Is that the same thing? I don’t mean to be difficult, but how do I know the certificate hasn’t been tampered with?
2 Likes
Yes, I’m slightly confused that Bitwarden doesn’t provide a hash for security reasons…
or even just to make sure the integrity of the download is good bit-for-bit…
Isn’t this a normal security / file integrity protocol?
I’ve been using the auto-update feature ever since my first install but for some reason, the below version is NOT auto-sensing there is an update available… I don’t know why, I’ve even turned off my Firewall just in case but it’s still not auto-sensing the update…
THUS now I’ve got to download a new version and install it and I’m looking all over for the file HASH and just found this thread so I’m guessing it’s not provided normally…
For security, this feels a bit odd honestly…
(just FYI, I pay for a premium account and just love Bitwarded it’s freaking awesome)
This version did not auto-sense that the update was available for some reason just FYI.
Version 2023.4.0
Shell 21.3.1
Renderer 106.0.5249.181
Node 16.16.0
Architecture x64
Bit confused by this, as Bitwarden does provide a standard SHA256 checksum within the clients releases repo for both the desktop client and CLI, as well as the docker stubbed version for the server release image.