Main Pages
 




 
 
 

Verifying Digitally Signed Software

All of our installations and the programs of ours that they install are digitally signed by Dexadine, Inc. To do this we had to prove to a Certification Authority that we are who we say we are and then receive a digital signing certificate from them.

So why should you care? Because it's statistically improbable that a digitally signed program can be altered in any way without invalidating the digital signature. Thus, if the digital signature is OK, you're assured that the program is exactly as it was when we signed it. If a file gets corrupted during download, infected by a virus, or modified by someone else the digital signature will be invalid.



Windows XP and Vista

Starting in 2016 Microsoft is enforcing new security rules.

Files downloaded from the internet that are digitally signed after 2015 must now be signed with a higher security certificate (SHA-2).

However, Windows XP and Vista don't support these new requirements. At least with XP, you won't see any warning when downloading files, but if you check the digital signature manually it shows as invalid, but this is only because XP doesn't support SHA-2. Most likely the file is OK, but proceed at your own risk.

Vista has the same issue, but may also display a warning message when downloading files signed with an SHA-2 certificate.



To verify one of our files, open either Windows Explorer or My Computer and browse to the folder where you downloaded the file to and then right mouse click on the file name. In the menu that pops up select Properties as shown below.

The Properties dialog opens and displays a number of tabs near the top. Select the Digital Signatures tab and you'll see Dexadine, Inc. in the Signature list. Click on our name and then click the Details button to open the Digital Signature Details dialog as shown below.

If the file is exactly as it was when it was signed by us it will say "This digital signature is OK" and our name will be listed in the Signer informaton box. At that point you know you have a good copy of one of our files.

As an experiment, we randomly changed just a single bit in the file and then checked the digital signature and as you can see below, the signature is not valid.

If you want more informaton about digital signatures, Microsoft has an artical titled Introduction to Code Signing that goes into much more detail.

Ballistic Explorer is a trademark of Dexadine, Inc.   All other products mentioned are registered trademarks or trademarks of their respective companies.
Last updated: January 27, 2016
Copyright 2016 by Dexadine, Inc.