How to... use package managers to download software safely


by Nik Rawlinson

Apps downloaded from the Microsoft Store are automatically updated

What you need: Windows 10 or 11
Time required: 30 minutes

Keeping your software updated is important. If you let things slip out of date, you risk becoming vulnerable to hackers and malware. You might also be missing out on useful new features in your favourite programs.

Thankfully, keeping up is far easier today than it was a few years ago, thanks to automatic updates in Windows and Office, and programs that check for new releases every time they start. And, with programs increasingly installed through stores tied to the operating system, like the Microsoft Store in Windows (pictured), Apple App Store in iOS and iPadOS, and Google Play Store in Android, the number of places you need to check for updates is getting fewer.

That said, anything that can simplify the process further is a bonus – which brings us to the concept of package managers. These tools help handle the job of installing and updating software, and they’re available for a wide variety of operating systems, including Windows.

Package managers download bundles of code and descriptive data (or archives) from servers known as ‘package registries’. The archives are compiled by software developers, who can vouch for the integrity of their contents by attaching what’s known as a checksum. This is a long number that’s calculated by applying a mathematical equation to the code within the bundle. If anything within the bundle is changed, the equation will no longer spit out the correct answer.

1 Learn how checksums work

To illustrate this, forget about ‘code’ for a moment, and instead think about three simple letters: ABC. If we said the letter A was worth one, B was worth two, and C was worth three, we could create a simple ‘checksum’ (effectively the output of a ‘sum’ used to ‘check’ the validity of the message) by adding those values together. The result would be six.

We could then pass on the text (ABC) to someone else, who could in turn hand it to a third party. The third party could check that the intermediary hadn’t interfered with the code by applying the same equation to the text and comparing the answer they got to the published checksum. If they got six, they’d know that the text they received hadn’t been altered since we wrote it, even though they didn’t receive it from us directly.
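The letter-sum scheme above in code, as an added example that is not part of the original article. It goes one step beyond the text: alongside the toy sum it computes SHA-256, a widely used cryptographic hash (an assumption, as the article names no algorithm), to show that a simple sum misses rearranged text while a cryptographic hash catches it. All function names are illustrative.

```python
import hashlib
import hmac
import string

# The article's scheme: A is worth 1, B is worth 2, C is worth 3, and so on.
LETTER_VALUES = {ch: i for i, ch in enumerate(string.ascii_uppercase, start=1)}


def letter_sum(text: str) -> int:
    """Toy checksum from the article: add up the letter values (A-Z only)."""
    return sum(LETTER_VALUES[ch] for ch in text)


def sha256_hex(data: bytes) -> str:
    """Checksum of the same data using SHA-256 (assumed algorithm)."""
    return hashlib.sha256(data).hexdigest()


def verify(data: bytes, published: str) -> bool:
    """True if the data we received matches the published SHA-256 checksum."""
    return hmac.compare_digest(sha256_hex(data), published.strip().lower())


def compare(original: str, received: str) -> dict:
    """Check a received text against both checksums of the original."""
    published_sum = letter_sum(original)             # what the author publishes
    published_hash = sha256_hex(original.encode())
    return {
        "toy_match": letter_sum(received) == published_sum,
        "sha256_match": verify(received.encode(), published_hash),
    }


if __name__ == "__main__":
    # Constructed sample inputs: untouched, one letter changed,
    # letters reordered, and two letters changed so the sum still comes to six.
    for received in ("ABC", "ABD", "CBA", "AAD"):
        print(received, compare("ABC", received))
```

The toy sum flags ABD but accepts CBA and AAD, because both still add up to six; the SHA-256 comparison rejects every altered version.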

If the intermediary – or anyone else – swapped the
