Suggestion: Use strong hashes on the download page
The same utility as providing the password to an e-mail attached zip file in the same (or different) e-mail as sent the zip file in the first place.

That is, it is for decorum, deniability, and CYA purposes.  It is not intended to have any actual security benefit.  Like searches by Airport Security, it is intended primarily as Theater to calm the hysterical masses.

It can be argued that such measures cull out the totally and completely incompetent, and that probably covers most of the threat landscape.  The remainder deliberately install malware (see SolarWinds) and are thus hoisted by their own petards.

The least risky version of any software to use is the most recently discontinued/unsupported version because: (a) that version will suffer no more fiddling; (b) will work the same forever; (c) has a high probability that all vulnerabilities are well-known; and, (d) since it is well known, support technicians can be gotten for a pittance at the local pub.