How to Verify a Release is Authentic

We strongly recommend that you only install FATpick software downloaded directly from FATpick.com. The page at https://www.FATpick.com/support/downloads is controlled by the FATpick team itself and is the official source for FATpick releases. Using it helps ensure that the software you install is an official release, created by the FATpick team, and not tampered with or modified by any (potentially malicious) third party.

However, we know that FATpick is also available from or distributed by other sources like software directories or package bundlers — including some that are trustworthy, safe, and reliable. (But also some that are outside of our control, so be careful. This is exactly why we encourage you to use the official source.)

If you would like to validate that a FATpick application or installer is official and unmodified — whether obtained from an unofficial source or just out of an abundance of caution — this page will explain how to verify the integrity of the files in a release.

Checksums or Signatures

To validate that a FATpick release is authentic you can compute a "hash" or "checksum" for your copy of the software (as described below) and compare it to the value published on this page. This hash acts as a type of "signature" that confirms that your copy is an exact match of the official build that we released.

This hash is like a "fingerprint" for the data in a file, so each release - and each file within a release - will have a different value.

The following table lists the checksums for recent FATpick releases.

Release 2.3.0

  • FATpick-2.3.0.dmg or FATpick-mac-latest.dmg
    • Size (Bytes): 116959177
    • MD5: f4689e4c817cfc22048fad2a9b153b6f
    • SHA256: d95b716fc1b1da20f3b698bf05531dee8256a0ec9f70ddf5a9c3018d2d26e26a
  • FATpick-Setup-2.3.0.exe or FATpick-win-latest.exe
    • Size (Bytes): 175523456
    • MD5: f546a275932342184c3f2e2a2088ab09
    • SHA256: 0c5b5c3f6dc75a78e39f6458d1accaa8104ab0806a2dfc750dbeda45f1d46411
  • FATpick-2.3.0.AppImage or FATpick-tux-latest.AppImage
    • Size (Bytes): 115403295
    • MD5: 565f372f024d2400fda1c0570d1c99ea
    • SHA256: 5b10b044a2ff9ce77b625aaee50d8aa9a2201e2fd4525fb4636c8aff6c25081b

Release 2.2.0

  • FATpick-2.2.0.dmg or FATpick-mac-latest.dmg
    • Size (Bytes): 150725930
    • MD5: 39630f30804db0b246255131c3d35423
    • SHA256: 1a5278c04d774a18d34cd681e4f8e1c8f0fa5f1f7f3bff2ba0c74a0a25f08f0f
  • FATpick-2.2.0.exe or FATpick-win-latest.exe
    • Size (Bytes): 115644936
    • MD5: 716b302a51649e78cb4343770e57754f
    • SHA256: 31807d756d5bb23bdc5765f716bf95a773a1b6f4923055dabeb4efe318cd886c
  • FATpick-2.2.0.AppImage or FATpick-tux-latest.AppImage
    • Size (Bytes): 147473808
    • MD5: 58e75a08690ac89c114e446fcab33daf
    • SHA256: eafc270f0b9c03a91b3f031f0426a549724b28e3a2909480df1e515178d2dc8f

Note that a single hash (MD5 or SHA256) should be sufficient to verify the integrity of a release, but both are provided for your convienence.

How to Compute the Checksum

How to Compute the Checksum on Windows

Using the Command Shell (CMD)

Open the Windows Command Prompt or Shell.

Enter the following:

certutil -hashfile FILENAME HASHNAME

where FILENAME is the path to the file you want to verify and HASHNAME is the type of signature you want to compute (MD5 or MD5).

For example, if the app is named FATpick-win-latest.exe and is found on your desktop you would might use something like:

certutil -hashfile C:\Users\YOUR-USERNAME\Desktop\FATpick-win-latest.exe MD5

to compute the MD5 hash, or

certutil -hashfile C:\Users\YOUR-USERNAME\Desktop\FATpick-win-latest.exe SHA256

to compute the SHA256 hash.

The hexadecimal number (string of numbers 0-9 and letters A-F) in the output should match the corresponding value in the table above.

Using PowerShell

Open Windows PowerShell.

Enter the following:

Get-FileHash -Path FILENAME -Algorithm HASHNAME

where FILENAME is the path to the file you want to verify and HASHNAME is the type of signature you want to compute (MD5 or MD5).

For example, if the app is named FATpick-win-latest.exe and is found on your desktop you would might use something like:

Get-FileHash -Path C:\Users\YOUR-USERNAME\Desktop\FATpick-win-latest.exe -Algorithm MD5

to compute the MD5 hash, or

Get-FileHash -Path C:\Users\YOUR-USERNAME\Desktop\FATpick-win-latest.exe -Algorithm SHA256

to compute the SHA256 hash.

The hexadecimal number (string of numbers 0-9 and letters A-F) in the output should match the corresponding value in the table above.

How to Compute the Checksum on Mac OSX

Open Terminal app.

To compute the MD5 hash, enter:

md5 FILENAME

where FILENAME is the path to the file you want to verify.

For example, if the app is named FATpick-mac-latest.dmg and is found on your desktop you would might use something like:

md5 ~/Desktop/FATpick-mac-latest.dmg

To compute the SHA256 hash, enter:

shasum -a 256 FILENAME

where FILENAME is the path to the file you want to verify.

For example, if the app is named FATpick-mac-latest.dmg and is found on your desktop you would might use something like:

shasum -a 256 ~/Desktop/FATpick-mac-latest.dmg

In both cases the hexadecimal number (string of numbers 0-9 and letters A-F) in the output should match the corresponding value in the table above.