Brief: A GUI program to let you check the hash of your files to make sure it’s not malicious and true to its source.
Someone sends you a file, how do you verify that it is the original intended for you? How can you be sure it hasn’t been tampered with?
Also, how can you verify that the file is from an original source?
This is where cryptographic hash functions come in. A hash function (such as SHA-1) is a checksum if used to verify a file. This helps you confirm whether the file has been modified or not.
If you are curious, you can refer to our guide on checksum verification in Linux.
For each piece of information/file there will be a unique hash value (or checksum). So even if a very small part of the file changes, the hash value changes entirely.
It is mainly used in encryption, where each file/information is stored securely as hash values. Suppose an attacker grabs the database with hash values (instead of the actual information), he can’t figure out the meaning. And that’s how encryption keeps things secure.
Although discussion of hashing is beyond the scope of this article, it is important to know that it is useful when verifying the integrity of a file.
Collision: easily check a file and spot malicious files
Without a GUI, you’ll have to use the terminal to generate hash values to compare/verify.
Collision makes it incredibly easy, without needing to launch a terminal or know how to generate checksum values from a file. If you don’t know, our Linux checksum verification tutorial should help.
When using Collision, all you need to do is add the file you need to generate a hash value or verify it. It only takes a few clicks to protect yourself against malicious or tampered files.
While I show a text file in the screenshot, you can verify any file type or generate a hash for your files before sending it to someone else. You can share the generated hash values with the recipient to allow them to validate your file.
It’s a simple open source application that just lets you do two things:
- Generate hash values (SHA-1, MD5, SHA-256, SHA-516)
- Verify an item against a checksum or by using the file directly
This is how the Collision app works
To give you an example, I modified the original text file by adding a character to it, then tried to verify it.
Here’s what it looks like:
First, you need to open the original file you want to compare it to or have the checksum value with you.
First open the original file to generate the hash, then head to the verification section to access a modified file.
You will notice that it detects that it is not the same:
In case you are verifying against the checksum, first open the file you want to verify (here we have the modified file).
And, then enter the original checksum of the file. Since we already know that we are testing a modified file, the result is what we expect, i.e. failed to verify integrity.
Install Collision on Linux
Collision is primarily a GNOME-friendly app, but it works on any other distro.
You can install it using the available Flatpak package or build it from source while exploring its GitHub page. You can refer to our Flatpak guide for help if you are new to Linux.
If you prefer to use the terminal, type the following to install it:
flatpak install flathub dev.geopjr.Collision
To get started, you can also visit its official website.