The complete DD-32 system as a downloadable drive image. Flash it to any 32GB+ USB drive with free tools, verify it byte-for-byte against our published signatures, and stash it in your kit.
Coming soon — notify me Verify a download
Every step below has a full walkthrough on this page. Total time: about 30 minutes, most of it waiting for the flash.
Grab the compressed image and the checksum + signature files from your purchase library.
Check the SHA-256 sum and the PGP signature. If a single byte is off, you'll know — don't flash it.
Write the image to a 32GB+ USB 3 drive with Rufus, Etcher, or dd. Label it. Bag it. Done.
A survival tool you can't trust is dead weight. Every release is published with a SHA-256 checksum and a PGP signature. Verify before you flash — especially if the image reached you on physical media or from a mirror.
Computed a hash with your own tools? Paste both values — we'll compare them character-by-character. Nothing leaves your browser.
Drop a file to compute its SHA-256 locally in your browser. Fine for checksum files and docs; for the full multi-GB image, the command-line tools below are much faster.
Runs entirely offline in your browser — this page makes zero network requests with your file.
# In the folder containing the image: Get-FileHash .\dd32-v1.0.img.xz -Algorithm SHA256 # Or with certutil (Command Prompt): certutil -hashfile dd32-v1.0.img.xz SHA256
Copy the hash it prints into the compare tool above, next to the official value from your purchase page.
shasum -a 256 dd32-v1.0.img.xz
The 64-character string before the filename is your hash.
sha256sum dd32-v1.0.img.xz # Or verify directly against our checksum file: sha256sum -c SHA256SUMS # → dd32-v1.0.img.xz: OK
A checksum proves the file wasn't corrupted. The signature proves the checksum itself was published by Doomsday-Prep.AI and not swapped by someone in between. Our signing key fingerprint is printed on every purchase receipt:
KEY: ops@doomsday-prep.ai // FINGERPRINT: XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX # 1. Import our public signing key (also included in your download): gpg --import doomsday-prep-signing-key.asc # 2. Confirm the fingerprint matches the one on your receipt: gpg --fingerprint ops@doomsday-prep.ai # 3. Verify the signed checksum file: gpg --verify SHA256SUMS.sig SHA256SUMS # → Good signature from "Doomsday-Prep.AI Release Signing" # 4. Then verify the image against the now-trusted checksums: sha256sum -c SHA256SUMS
Windows users: install Gpg4win and use the same commands in PowerShell, or right-click → "Verify" with Kleopatra. A "Good signature" from our key + a matching checksum = a byte-perfect, authentic image.
Three tools, same result. Rufus is the easiest on Windows, Etcher is the easiest
everywhere, dd is for people who alphabetize their go-bags. Use a
quality 32GB+ USB 3 drive — flashing takes 10–25 minutes depending on the drive.
Download the latest Rufus from rufus.ie. The portable version needs no install — fitting, for this product. Run it (allow the admin prompt).
Plug in the target drive. Rufus lists it under Device. Confirm the size (~32GB) and drive letter match the drive you intend to erase.
Click SELECT and choose dd32-v1.0.img.xz — Rufus reads compressed images directly, no need to extract. Boot selection will show the image name.
Partition scheme and target system are read from the image. Don't change them — the image already boots both BIOS and UEFI machines.
Click START, acknowledge the "all data will be destroyed" warning, and wait for the green READY bar. Don't unplug mid-write.
Safely eject the drive, physically label it (paint pen > sticker), and it's ready to boot. Windows may offer to "format" the drive's Linux partitions — always decline.
Download from etcher.balena.io for your OS and install/open it. On macOS it will ask for permissions to access removable drives — grant them.
Click Flash from file and pick dd32-v1.0.img.xz. Etcher handles the compressed image directly.
Click Select target and tick your USB drive. Etcher hides system disks by default and warns on anything unusually large — heed those warnings.
Click Flash! and enter your password if prompted. Etcher writes the image and then automatically re-reads the drive to validate the write — leave that on; it's a free integrity check.
When it reports Flash Complete, eject, label, stash. Your OS may complain it "can't read" the drive — expected and fine; the partitions are Linux-formatted.
Linux
# 1. Identify the target. Plug the drive in, then: lsblk # Find your USB by size, e.g. /dev/sdb — the whole disk, not /dev/sdb1 # 2. Make sure it isn't mounted: sudo umount /dev/sdb?* # 3. Decompress and write in one pipeline: xz -dc dd32-v1.0.img.xz | sudo dd of=/dev/sdb bs=4M status=progress conv=fsync # 4. Flush and eject: sync && sudo eject /dev/sdb
macOS
# 1. Identify the target: diskutil list # Find your USB by size, e.g. /dev/disk4 (external, physical) # 2. Unmount it (not eject): diskutil unmountDisk /dev/disk4 # 3. Write using the raw device (rdisk = much faster): xz -dc dd32-v1.0.img.xz | sudo dd of=/dev/rdisk4 bs=4m # 4. Eject when dd finishes: diskutil eject /dev/disk4
No xz on macOS? brew install xz, or decompress first and
dd the raw .img. Progress on macOS: press
Ctrl+T in the terminal to make dd print status.
Plug the drive in, power the machine on, and immediately tap the boot-menu key for your manufacturer. Pick the USB entry (choose the "UEFI:" entry if you see both). If Secure Boot blocks it, disable Secure Boot in the firmware settings — the manual on your purchase page walks through it per vendor.
| Manufacturer | Boot menu | Firmware setup |
|---|---|---|
| Dell | F12 | F2 |
| HP | F9 (or Esc) | F10 |
| Lenovo | F12 | F1 / F2 |
| ASUS | F8 / Esc | F2 / Del |
| Acer | F12 | F2 |
| MSI / custom builds | F11 | Del |
| Intel-era Mac | Hold Option (⌥) at chime | — |
Tip: test-boot the drive on your own machine the day you flash it. A drive verified once and stored dry will boot years later — but verify it before you need it.