by chadkeck 5385 days ago
I don't really understand what you're saying here. Other services that calculate the digest of a file online require you to upload your file to the service/site where you don't know what they will do with it. With Browser Hash, not one bit of your file leaves your computer or travels over the network.
3 comments

How do I know that my file is never leaving my computer? To verify that, I have to verify every line of Javascript code influencing that page, every time I use it, to make sure it isn't spiriting away my file contents or feeding bogus SHA fingerprint values back to me.
I think he means that the JavaScript that computes the hash can be MITM'd.
Well I guess I'm not so paranoid if you're worried about the JS being MITM'd :D
How would it be MITM'd? It all happens on your computer. Nothing travels over the network after the page is downloaded.
I think what xtacy means by MITM is that the javascript sent by the server might be MITM'd and altered to return a different value than the actual hash.

But for instance, if I'm trying to SHA1 a Windows 8 ISO (the kind which I imagine would be by far the most common use case, in which a cryptographically secure hash algorithm isn't even a prerequisite; any checksum would do).

It's not any worse than downloading the sha1sum app from any http site.

No, it's worse than downloading the "sha1sum" app, because you only have to download "sha1sum" once. You can use a variety of out-of-band methods to verify the file that you can't reasonably or cost-effectively do with a website.

A website is essentially "installed" every time you visit it.

Tom's point is that you're serving the JavaScript and HTML over HTTP. So, the entire site can be man-in-the-middled.
Quickly, someone, make an identical looking site that actually uploads whatever you drop on it! ;)