burner-account

Hi there. Sorry, I just made this burner account real quick to pitch in my two cents on this. I was also looking for a way to verify the integrity of my MB file when I stumbled across this thread. The developers could create a gpg signature file that can be downloaded with the .exe file and the checksum file, and provide a public key that can be used to authenticate the .sig file. Then the gpg signature can be used to verify the checksum file. This way users will know for certain whether or not their checksum file was signed by the developers. If the checksum file is verified as authentic from the developers, then the SHA hash can be safely used to verify the integrity of the .exe file. This is more involved, but most users who are looking to verify their software this way probably already know what they're doing to at least some degree. The ones who don't are clearly willing to learn, because they're looking into it. Basic user guides can be written in a matter of minutes to be included on the download page, and there are plenty of in depth guides on youtube and other websites and forums. And if I know I.T. offices, I know there is at least one person in the office who has time to add a few helpful links on the download page. lol