Of course we’re all aware of how important it is to pay attention to where we’re downloading stuff from. Of course. And you would never download anything from questionable sites, right? Of course not! I believe in you. But if you’re curious about where a particular downloaded file came from, your Mac does give you an easy way to see that right within Finder. Take, for example, these two versions of the lovely OmniDiskSweeper program I have on my Desktop:
They look similar, right? Let’s see where I got them, and then we can decide how similar they really are. So if I click on one, hold down Command, and click on the second to select them both…
…I can then go up and choose “Get Info” from Finder’s “File” menu (or press Command-i).
Afterward, I can uncollapse the “More Info” section if necessary from the little windows that’ll show up:
And finally, I’ll see where each download originated from.
The “1.10” version came from The Omni Group’s website, so I know that’s legitimate. The “1.7.2” one, though? That’s from Softonic, a software aggregation site that tends to serve up downloads with…um…less-than-helpful stuff included. So I should use the disk image from the known-good source and not the possibly-infested-with-crap one.
I find this most useful for tracking down bad installations after the fact; for example, when a family member of mine starts getting nasty pop-ups from adware, I can first scan his Mac with Malwarebytes and then check his downloads folder for anything that’s been added recently. Finding a nefarious Adobe Flash installer from www.get-bad-porn-popups.ru can be a teachable moment for what to do when you see dialog boxes asking you to download programs (or it could help you teach someone how to make sure to install Flash Player updates legitimately, for example). But it’s also a handy trick just to figure out where your own files came from!