CHECKSUM is not easily accessible on Fedora Download Page
Tim
ignored_mailbox at yahoo.com.au
Fri Jan 21 00:11:37 UTC 2011
On Thu, 2011-01-20 at 11:22 -0500, Máirín Duffy wrote:
> From talking to numerous novice users in the design of the site I'm
> not convinced that a checksum file is something that novice users are
> aware of or much concerned about.
Ignorance is no excuse, as they old saying goes, and it's something that
needs brought to their attention, with the full how and why.
> The main download link points directly to Fedora's main server, not a
> mirror, so they'd be downloading the checksum from the same source as
> the payload anyway.
And the non-main download links...?
It was always the recommendation, before, to not download from the main
site, to spread the load around the mirrors.
> When you burn the iso to media it has a built-in media check as well
> which would protect against corruption
Only against corruptions at that point, not against malicious damage.
If someone's capable of releasing a compromised ISO, they're capable of
making it claim to pass its own self checks.
--
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
More information about the users
mailing list