[Feature request] Enhanced downloading and verification.
Dr.Flay last edited by
Over the years I've used many download managers, and all have had unique features. Browsers tend to be basic, and never support the advanced options that have been available for many years. One of the reasons I like to use Shareaza for downloads is the ability to add available hashes to the file while it downloads [attachment=544]Shareaza-info.png[/attachment] It is about time browsers started to use hashes to validate files as well as certificates. Think of any Linux distro site, and the pile of extra info included as text with the DLs. MD5, SHA** etc. Usually people have to use this info manually afterwards to verify their DL with an external tool. All of that (and more) can be used in clickable magnet links, for more secure and verifiable DLs. Magnet does not require an engine or API addition, only logic and GUI additions. Regular DL boxes could have an extra text bar for pasting hashes. Choice of hash selected via mini drop down menu. This could easily work in Opera, because it already does it with torrents. As usual my suggestion was deemed pointless or too radical. Perhaps now we are more security aware, people will take it more seriously ? Here is an example of a magnet containing lots of info, all of which is optional to the client that uses it. http://forums.chaoticdreams.org/viewtopic.php?f=8&t=6672 The link is constructed to offer 1 permanent HTTP source, and 4 fileshare networks. Each network uses a hash. Vivaldi does not need to use the p2p networks, but could use the hash algorithms. All common regular OS hashes (MD5, SHA** etc.) are already supported. Multiple hashes could be used if required. This can help if one of the hashes is poor like MD5 or SHA1. Vivaldi could have an extra section in the download dialogue to add supported hashes like this; [attachment=542]V-DL2.jpg[/attachment] In Opera and FF, I use magnet and metalink plugins to detect the info on a page and turn them into clickable links Vivaldi could possibly do something similar as people tend to offer the hash text in a standard way for people to copy and paste. RAR and especialy RAR5 have robust CRC routines. If the free RAR libs can access the CRC and/or recovery info this could possibly be used to detect and/or fix a corrupt download. As VirusTotal use an open API, I don't see why we need a plugin when it could be a standard part of the browser security It will not add bulk. The Opera plugin is very basic, but the Firefox version makes a good example. (The FF download box gets added to) Several plugins make good use of this, notably VirusTotal. [attachment=546]FF-DLs.png[/attachment] Adding the checking at this stage, allows you to bypass obscured DL links so VT gets a precise URL. Right-clicking on links is becoming unreliable unless you use redirect bypasser plugins. "Check with VT" or "Validate" would be good here. Sysinternals Process Explorer now has fast integrated VT. I assume this is sending hashes via the VT API and getting quick results. [attachment=545]VTintegration.png[/attachment] If the same hash-type is found in the DL link or pasted in the DL, this can be quickly checked before the DL starts (eg. while the user is still choosing a save folder). I see this being useful for EXEs. The certificate (if used) is also shown on the VT site. If the certificate info is available via the API, it may be possible to tell if the file is a fake or cancelled before downloading. eg. The recently stolen Sony certs used to validate software. [attachment=543]Shareaza.jpg[/attachment] With minimal additions to the GUI, Vivaldi could be the first browser to tell users their DL is borked or valid and certified. Before, during or after DL. Related reading; http://arstechnica.com/security/2015/02/psa-your-crypto-apps-are-useless-unless-you-check-them-for-backdoors/ Attachments: [img]https://forum.vivaldi.net/uploads/attachments/7680/V-DL2.jpg[/img],[img]https://forum.vivaldi.net/uploads/attachments/7680/Shareaza.jpg[/img],[img]https://forum.vivaldi.net/uploads/attachments/7680/Shareaza-info.png[/img],[img]https://forum.vivaldi.net/uploads/attachments/7680/VTintegration.png[/img],[img]https://forum.vivaldi.net/uploads/attachments/7680/FF-DLs.png[/img]