by not_essence2 on Sun Oct 28, 2012 5:16 pm
([msg=70471]see Re: Checksum?[/msg])
Hmm.... I'm not sure, but checksum sure sounds like it's coming from a hash, and hashes are one-way functions (they can't be reverse engineered even if you knew how to hash it). Checksums are basically files full of hashes of all the programs you have (they take the program, break it down into bits and bytes, and use an algorithm to "hash" it) and use that as a checksum. If you change the files, the hash of those files will be different, and the computer finds out when it checks the file's hash against the hash it has stored of the file in its proper format, and the hash is different, so it knows that someone changed the files. Unless you can change the hashes it uses to check for compromised programs, not much can be done. (Yes, you could remove the program altogether, but that isn't really the way you want to go, takes too much time and you'll break the law, even if you just change the hashes, I believe)