Verify the Integrity of your Software Download V5.1 Build 021

Windows Install SecurITree-setup.exe 87,897,704 bytes
UNIX/Linux Install securitree.deb 77,904,972 bytes
Mac OS X Install SecurITree.pkg 84,516,367 bytes

The integrity of Amenaza's SecurITree program can be confirmed in three ways. The first method uses the SHA-1 algorithm specified by NIST in FIPS 180-1 to compute a cryptographic hash or message digest of downloaded files.

SHA-1 Checksums:

Windows Install SecurITree-setup.exe ff759c5c9f8500a41a0270c6d5ba488bf932beb8
UNIX/Linux Install securitree.deb 998817810318c85114dfa05ec1086b54c76bc743
Mac OS X Install SecurITree.pkg affcfd485f3026e088eb449563359e54a61eb090

Programs to compute and verify SHA-1 hashes are widely available. This makes it convenient for verifying that tampering of files has not occurred.

SHA-256 Checksums:

Windows Install SecurITree-setup.exe 16eef0f14c234e727a3f143f405ac1290988e03b6819b80f6678262aef6d343b
UNIX/Linux Install securitree.deb 8c433367d2c27899c7056027ec29b4c60cd34edfee7f00dbc93115e25f365132
Mac OS X Install SecurITree.pkg 68f72adaa25756bbb94f98abb198a13a1fb90b7595b5f77d4cd5d04f633f7a20

These methods are not a 100% guarantee of integrity. If Amenaza's web server has been compromised it is possible that the intruder may have introduced viruses, worms, Trojan Horses or other malware into the downloadable files and then posted matching SHA-1 message digests on the website! The next integrity verification mechanism described below is a stronger guarantee of file integrity and should be used if SecurITree will be used in a sensitive environment or if there is any suspicion that the downloaded code has been compromised.

The downloadable files have been digitally signed using Pretty Good Privacy (PGP) software and/or GNU Privacy Guard. This software is available commercially from or as freeware from

PGP Signature Files:

Windows Install SecurITree-setup.exe SecurITree-setup.exe.asc
UNIX/Linux Install securitree.deb securitree.deb.asc
Mac OS X Install SecurITree.pkg SecurITree.pkg.asc

The public half of the Amenaza Software signing key pair can be obtained from the PGP keyserver ( using the PGP Key Management utility. Search for "Amenaza Technologies Limited Software Signing Key" or "". Note that this site cannot be queried using the LDAP utility built into most browsers.

Since the private half of the Amenaza Software signing key pair used to sign the files is not stored on the Amenaza web server it is NOT possible for an intruder to create a valid signature file even if they compromise the web server. It is, however, possible that the PGP key server may have had the Amenaza Software signing key replaced by a rogue key.

If you are operating in a sensitive environment we recommend that you contact Amenaza Technologies at 1-888-949-9797 (1-403-263-7737) to verify the signing key fingerprint in an 'Out of Band' manner.

Amenaza Software Signing Key Fingerprint:

AE31 1695 86F5 BF87 0384 5314 D4F9 ABC2 D654 5B79


robust company backward Montana
necklace visitor slingshot liberty
acme Jupiter dwelling belowground
steamship Waterloo rhythm repellent
stockman equation erase inertia