Verifying Digitally Signed Software

All of our installations and the programs of ours that they install are digitally signed by Dexadine, Inc. To do this we had to prove to a Certification Authority that we are who we say we are and then receive a digital signing certificate from them.

So why should you care? Because it's statistically improbable that a digitally signed program can be altered in any way without invalidating the digital signature. Thus, if the digital signature is OK, you're assured that the program is exactly as it was when we signed it. If a file gets corrupted during download, infected by a virus, or modified by someone else the digital signature will be invalid.

---

To verify one of our files, open either Windows Explorer or My Computer and browse to the folder where you downloaded the file to and then right mouse click on the file name. In the menu that pops up select Properties as shown below.

The Properties dialog opens and displays a number of tabs near the top. Select the Digital Signatures tab and you'll see Dexadine, Inc. in the Signature list. Click on our name and then click the Details button to open the Digital Signature Details dialog as shown below.

If the file is exactly as it was when it was signed by us it will say "This digital signature is OK" and our name will be listed in the Signer informaton box. At that point you know you have a good copy of one of our files.

As an experiment, we randomly changed just a single bit in the file and then checked the digital signature and as you can see below, the signature is not valid.

If you want more informaton about digital signatures, Microsoft has an artical titled Introduction to Code Signing that goes into much more detail.