Posts: 170
Registered: ‎09-20-2010

How to check that your download is genuine – using a checksum


If you have downloaded Sophos Anti-Virus for Mac Home Edition from a location other than Sophos, and you want to confirm that it is genuine, you will need to check whether it matches one of our checksums for authentic Sophos files, as displayed on the product page.


What is a checksum? Each version of an application has a unique checksum. This can be used to determine the authenticity of an application, whether to allow it through a firewall, etc.


What to do


Run the md5 checksum application as follows to obtain the checksum of the latest version of the installer:


  1. Open a Terminal and type md5
  2. Drag and drop the downloaded file from the location to which you have saved it to the Terminal so that its name and path appears after md5, e.g.  md5 <path/*.dmg>
  3. Click Return.
  4. The following is displayed
    md5 <path/*.dmg> = <checksum>
    where <checksum> is a hex number, something like: 60866ac0d36a938bc816115bc0e747b1


Make a note of this checksum and compare it with the checksum provided in the file on the Sophos downloads webpage.


Communities Moderator, Sophos
Knowledgebase  |  @SophosSupport  |  Video tutorials
If a post solves your question use the Accept as Solution button and award kudos.