Disc Purity - How to check Burned ISO - still Virgin/Pure

Disc Purity - How to check Burned ISO - Virgin/Pure

​Hear me out here peoples,

This is a question I suspect that is technically very relevant to many on the forum - and I haven't seen it addressed anywhere else.

Media creation tool or direct download - either way/whichever way - Once an iso/image is burnt:

What ways are they to test the DVD for purity/authenticity?

Yes - the media creation tool verifies the image - but - malware can infect iso/image files before they are burned + rootkits can interfere during the burning process, injecting data - with the user left unaware.

I'm asking for a technical discussion - on how we can take any burnt installation disc - and check it to ensure it is as it should be. What tools exists/solutions exist out there.

When we download files online - we can sha1 verify (or MD5).

Applying this principle to burning a DVD - how can we check that - what was intended to be burnt is actually what ended up being burnt - and the purity/integrity of the data is there?

To check if there was any contamination of the data - from the point we requested the iso download, and the data that ends up on the disc?

[People say just use a clean machine - but admit it - many that think they have a clean machine are indeed infected and are completely unaware - this is the reality that is initiating this quest for a solution/discussion].

O.

Mods - please remove the word 'still' from showing in the forum list of posts. I don't know why it's there after editing.

The popular "Imgburn" CD/DVD burner (what I use to burn ISO's) has a verify function. It won't verify that it will work, but it will verify that the data burned on the disc is the same as the file that was burned.

Here is a screen shot of part of the program panel.

Well here's the thing - I;ve just read elsewhere that Imgburn verifies by sampling - not by doing bit for bit comparison.

I'm wondering if there is a solution to check that - what's on the DVD is exactly the same as what was downloaded - without something being infected/changed inbetween.

I use Imgburn for ISO's. I've never had a problem with a CD or DVD ISO that I burned with ImgBurn.

I also have Nero and use the Nero BurningRom for all my recording studio audio CD's. I use the verify option in the BurningRom application and I've never had a verified CD that was "bad".

Hear me out and indulge me a little more here.

Iso gets downloaded to a machine that's already infected by a rootkit.

Rootkit is programmed to look out for OS iso's - where user is rebuilding machine to get rid of the odd behaviour - that is infact caused by the rootkit (unbeknownst to the user).

It knows to intercept has verification/hash programs, and to return false positive results.

It infects the image file - or intercepts the burning process - ending up on the DVD, and therefore the fresh OS install.

Again it knows when to intercept code - and return false positive results (verify &/or hash verification programs)

Can you see where I'm coming from?

Whats' the guard against this?

If you have an infected PC, I don't see any way to verify. The infection will hide itself anyway.

You should have security/malware software that helps prevent or finds those things, anyway.

A good set of safe ways:
-- weekly or bi-monthly backups onto external hard-drives
-- careful usage of computer programs, especially browsing and downloading
-- well-configured, multi-layered system of well-known/respected, daily updated, security software
-- [u-fill-in]