[tor-dev] SHA-256 checksum mismatch

Yawning Angel yawning at schwanenlied.me
Thu Jun 2 08:31:42 UTC 2016

On Thu, 02 Jun 2016 03:59:04 -0400
Tuuranton <tuuranton at protonmail.ch> wrote:
> The SHA-256 checksum of the downloaded file
> https://www.torproject.org/dist/torbrowser/6.0/TorBrowser-6.0-osx64_en-US.dmg
> is on my computer
> 0f4f6ca01028c2956c811dd94d67a76feb507cad176c031f32e6f95873003b4c
> the SHA-256 checksum of the file
> TorBrowser-6.0-osx64_en-US.dmg
> should be
> d68d01889ba38764ebf2057b3cd3263f638a74205031a6d1df11ab8ca13a3618
> Why the mismatch?


Guess the actual release blog post didn't carry over the blurb
covering this (though 6.0a5 did):

> We plan to post instructions for removing the code signing parts on
> our website soon. This should make it easier to compare the bundles
> we build with the actual bundles we ship.

The instructions don't exist yet, see #18925.


Yawning Angel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160602/078de5a5/attachment.sig>

More information about the tor-dev mailing list