Code signing, cryptographic keys and checksums
Downloading software
  • Always use official sites for downloading software.
  • To download my software, use the links in the download section of each application.
  • Make sure the download links start with https://vault.heardofaudio.com/ before starting a download
Don't take my word for it that downloads are virus free
  • Check the archives yourself before installing them using an online tool or local application.
Testing the validity of a downloaded file
  • macOS applications are signed and notarised with my Apple Developer ID.
  • For operating systems other than macOS to test that a file is unmodified, verify the downloaded file’s PGP signature. Where applicable, the signatures for downloads appear just below the download links for each file.
  • How to use signatures and checksums
    You will need to install OpenPGP software on your computer. Below you'll find a list of possible solutions for your operating system:

    macOS https://gpgtools.org
    Linux https://gnupg.org/index.html
    Windows https://gnupg.org/index.html
    iOS https://apps.apple.com/us/app/apple-store/id1011677987

    Import the public key into your local OpenPGP Key-Manager.

    You can also verify the file with the PGP signature by installing OpenPGP or another PGP encryption package and verify the signed files .sig.

    You can use SHA256 checksums to verify if a file is corrupt or has been modified. Place the .sha256 file in the same folder as the archive and use these commands.

    In a Mac Terminal:
    shasum -a 256 -c < filechecksum.sha256

    At Windows command prompt:
    certutil -hashfile filearchive.zip SHA256

    and compare the results with the published SHA256 value. If they're the same - all good. Otherwise you have a problem.

I think that the people who are trying to shut down WikiLeaks are going to have to accept this as a fact of reality that cryptography allows you to do this kind of thing.

Whitfield Diffie

One must acknowledge with cryptography no amount of violence will ever solve a math problem.

Jacob Appelbaum

Cryptography is the ultimate form of non-violent direct action.

Julian Assange

One of the most singular characteristics of the art of deciphering is the strong conviction possessed by every person, even moderately acquainted with it, that he is able to construct a cipher which nobody else can decipher. I have also observed that the cleverer the person, the more intimate is his conviction.

Charles Babbage

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that the NSA can frequently find ways around it.

Edward Snowden

Cryptography products may be declared illegal, but the information will never be.

Bruce Schneier

Encryption...is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government... It's hard to think of a more powerful, less dangerous tool for liberty.

Esther Dyson

Anyway, it's not true that the authorities cannot access the content of the phone even if there is no back door. When I was at the NSA, we did this every single day, even on Sundays. I believe that encryption is a civic responsibility, a civic duty.

Edward Snowden