HACKER Q&A
📣 ohiovr

Is there a website with a database of untrustable sha256sums?


Every resource can have a sha256sum. Every resource could be rated as trusted or not trusted with comments. Is there a database somewhere that this knowledge is kept?

  👤 schoen Accepted Answer ✓
I think "untrustable" is a pretty broad category. There are lots of different purposes for which you might not trust something...

You might want to look at ClamAV's virus database or the VirusTotal service as examples of databases of reported malware. I think there are many others too, some of which might not be publicly downloadable or queryable. Often the people maintaining them either want to sell access, or collect new data from queries, or obscure from malware authors the extent to which particular malware is already known or detected.

Edit: the more general idea of "collecting people's comments on versions of files" was a startup called Bitzi which operated the "Bitpedia" collecting people's feedback on files. This could, for example, be used with file sharing to try to determine whether something was an authentic/high-quality copy of a particular work or not.

https://stackoverflow.com/questions/50914/search-by-hash

As I recall, Gordon Mohr is here on HN and might be able to answer whether there are other analogous services that are still operating.

👤 LinuxBender
Virustotal is one such site that has a massive database of checksums. I have no idea if they will share it or if you have to pay something. [1] There are also threat intel sites that manage databases of known bad things, but AFAIK they all cost money to access.

[1] - https://www.virustotal.com/