.org - The Personal Website of Brian Millar
Twitter Profile Link Github Profile Link LinkedIn Profile Link

Security

If you believe the security of Ontropy.org or any of my projects may have been compromised in any way please do not hesitate to contact me immediately.

I take security very seriously on this site. Ontropy.org is a secure site and should never be visited over plain HTTP without SSL. Downloads from Ontropy.org are links to my Github account, the checksums for the downloads are hosted here meaning that should my Github account be compromised the checksums here should no longer match the files you get from my Github. Should the Ontropy.org server become compromised the attacker could alter the download links and also alter the checksums to match. In this case you should check that the links really point to my Github and not somewhere else and as an extra measure you can check the Ontropy.org source code on Github to see that the checksums there are the same as the ones on the live version of the site. Since the live site is updated by cloning this repo the two should always be identical. You may be wondering if my Github is compromised couldn't the attacker change the downloads, then change the checksums in the Ontropy.org source and then wait for the live site to clone that and be altered. This is not an issue as I perform the clone manually over SSH after pushing a change to the site, it is scripted but is not a cron job. If the attacker has changed my login I would get an authentication error when pushing the update, if they haven't I would get a notification that the remote repo is ahead of my local copy and I would know that something is up.

Checksums

Checksums for some projects are not yet available, eventually all projects will have checksums listed here.

CV / Résumé Checksums

SHA512 Checksum for Brian Millar.vcf

SHA512 Checksum for Brian_Millar_CV_NonTec.bmp

SHA512 Checksum for Brian_Millar_CV_NonTec.djvu

SHA512 Checksum for Brian_Millar_CV_NonTec.dvi

SHA512 Checksum for Brian_Millar_CV_NonTec.gif

SHA512 Checksum for Brian_Millar_CV_NonTec.html

SHA512 Checksum for Brian_Millar_CV_NonTec.jpg

SHA512 Checksum for Brian_Millar_CV_NonTec.pdf

SHA512 Checksum for Brian_Millar_CV_NonTec.png

SHA512 Checksum for Brian_Millar_CV_NonTec.ps

SHA512 Checksum for Brian_Millar_CV_NonTec.rtf

SHA512 Checksum for Brian_Millar_CV_NonTec.tex

SHA512 Checksum for Brian_Millar_CV_NonTec.tiff

SHA512 Checksum for Brian_Millar_CV_Tec.bmp

SHA512 Checksum for Brian_Millar_CV_Tec.djvu

SHA512 Checksum for Brian_Millar_CV_Tec.dvi

SHA512 Checksum for Brian_Millar_CV_Tec.gif

SHA512 Checksum for Brian_Millar_CV_Tec.html

SHA512 Checksum for Brian_Millar_CV_Tec.jpg

SHA512 Checksum for Brian_Millar_CV_Tec.pdf

SHA512 Checksum for Brian_Millar_CV_Tec.png

SHA512 Checksum for Brian_Millar_CV_Tec.ps

SHA512 Checksum for Brian_Millar_CV_Tec.rtf

SHA512 Checksum for Brian_Millar_CV_Tec.tex

SHA512 Checksum for Brian_Millar_CV_Tec.tiff


Verifying Checksums

To verify the checksums on GNU/Linux you should navigate to the folder containing the downloaded file, download the appropriate checksum file from the list above, place it in the same folder and run the first command on the right. You can read the sha512sum manual hereor by using running the second command on the right in a terminal. sha512sum-c<file>.sha512
mansha512sum
Examples
Example of a Successful Checksum Verification
Example of the Output from sha512sum when the Checksum Doesn't Match