Whenever there is a jailbreak available, almost everyone tries to install some third-party applications especially from the largest Cydia store on his / her iPhone, or iPad. As far as your sole source for third party package is Cydia, you don’t need to worry about malware and some other similar stuff like viruses etc because Cydia moderators are professionals and check almost every package on the approved repositories.
However, if you got the package from any untrusted repo or from any unknown source, you can check it whether it is safe and doesn’t harbor any malicious content by using the following MD5 sums method.
How to Verify MD5 Sum on Mac, Linux and Windows for Cydia Apps:
The first thing you are required to get is the original MD5 SUM of official app / package. There are different ways to get it. If you are downloading the package from the developer’s official site, it might be included in the readme file. Some developers also write it on the download page. And if the app is coming from the bigboss repo, you can get the copy of original bigboss packages file and then search for the concerned file/app/ tweak and note down the MD5 Sum of the app.
Now place the .deb file or any other file format you downloaded from an untrusted source on any convenient place of your PC. To illustrate the things further we downloaded a tweak called “ActionMenu 1.2.14” from a third party source ripbigboss and placed it in “downloads” folder of our MacBook Pro.
As MD5 Sum issued by original developer is already known to us (read step 1), now we will extract MD5 sum from the app downloaded from an untrusted source.
For Mac Users:
If you are a mac user, launch terminal from applications/utilities folder. Go to the folder where you placed the file. In our example, we put it in “downloads” folder. So we will navigate to there.
Now run this command “md5(space)actual-file-name.extension” as shown in the screenshot.
On successful execution, you will see the MD5 of your required file.
For Linux Users:
All the steps are almost same for the Linux users except that you have to use this command “md5sum(space)actual-file-name.extension” instead of that mentioned above.
For Windows Users:
Windows users can use either File Checksum Integrity Verifier (FCIV) utility to computer MD5 or SHA-1 hash values of a file or they can use this command at a command line.
FCIV -md5 -sha1 path\filename.ext
Now compare MD5 you got in step 3 and in step 2. If every digit matches, the file is original, otherwise it has been manipulated somewhere.
We always advise our readers to get any app for their iPhones from a reputed source. Anything installed from an unknown developer can be the cause of a serious security threat. It is better to be safe than we repent later.