How to verify of USB integrity after making it bootable?

I read there is a file (not sure if for QubesOS), which has hashes for all files - to verify contents of bootable usb (after you create it from ISO), in case you had malware and it changed contents of usb after make it bootable! Tho isn’t this kinda pointless, couldn’t simply change hashes in that file also? I know this unprobable. Same this additional verification doesn’t seem to me much meaningful…

So is there any point doing it?

It could in theory be possible.

You could create in installation media in different locations using different computers and compare the hashes, and you can repeat the process until you feel sure the system isn’t compromised.

1 Like

Wonder why it is even a thing, this doesn’t seem to really help anything…

Nothing is 100% secure, installing your OS from a host that is compromised is likely to be an issue.

Yeah, i just wonder about this one thing. Hopefully it is not, i just want to make really really sure in this case. I will also do that, thanks for tip :slight_smile: …It doesn’t hurt to have that so… even it is useless basically no?

Verifying signatures

You can read the documentation, it explains how you use digital signatures.

Yeah i know these basics, this is not explained there i don’t think, i just wondered about it that’s all. If it is even for something… Which is kinda obviously it is like redundant but nice to have that, it doesn’t hurt anything, don’t know why i even asked now, probably from anxiety…

How to import and authenticate the Qubes Master Signing Key

That section explains how you can verify you have a valid signing key.

1 Like

OH thanks i have already this down, i wondered about that thing, and also using multiple computer and usb and comparing hashes was helpful to me :slight_smile:

How to re-verify installation media after writing