Sorry, the SHA1SUM
Sincerely,
Nicolás Cánepa
ncanepa@xxxxxxxxxxx
www.ccc.fcen.uba.ar
Teléfono - 4576-3382
CCC - Centro de Comunicación Científica
UBA - Facultad de Ciencias Exactas y Naturales
Nicolas Canepa escribió:
Did you check the MD5SUM of the downloaded ISO?
Regards,
Nicolás Cánepa
ncanepa@xxxxxxxxxxx
www.ccc.fcen.uba.ar
Teléfono - 4576-3382
CCC - Centro de Comunicación Científica
UBA - Facultad de Ciencias Exactas y Naturales
R A Jon Hamelin escribió:
Bill Davidsen wrote:
R A Jon Hamelin wrote:
Frank Cox wrote:
On Sun, 11 Nov 2007 11:34:57 -0800
R A Jon Hamelin <jon_hamelin@xxxxxxx> wrote:
I have had bad experiences with torrents and will not use them again.
What's wrong with the torrents? I downloaded F8 that way the other
day at a
very healthy pace.
Hi Frank:
A little over a year ago I downloaded a file - 4.3 GB - from what I
thought was a safe site. After installing the program, my computer
rebooted by itself and all hell broke loose. I no longer had a
functioning BIOS. In addition it wiped my hard drives. Checking with
the site in question, I discovered that the file should have been
3.8 GB.
Obviously the fault of torrent, because if you downloaded that same
4.3GB file by ftp... wait, it still would have done the same thing,
because the problem was the content not the delivery system. Blaming
torrent for the effects of bad content is like blaming UPS because
you ordered one thing and got another.
You didn't get 4.3GB instead of 3.8GB because of torrent, you got it
because it started out bad at the original source (including the
possibility of having a bad .torrent file to start with). And you
didn't do the check for size and checksum *before* you used the file,
and probably let something run as root or actually booted it, or it
couldn't have reached the BIOS or rebooted the machine... In other
words you didn't follow best practices and as a result something bad
happened, and you didn't have a backup of critical data.
In my opinion bit torrents are a security issue. Having lost 3 days
worth of irreplaceable photos from a commercial shoot and the
contract, it was an expensive lesson for me.
Torrent is safer than any download from a single site, because any
one site can only corrupt a fraction of the overall content, and
because there is a crc on every small part of the download. That
makes it very hard for any undetected problems to get through,
assuming you check the sum of the files, etc.
The "expensive lesson" involves backups, verifying anything you
download before use, and other best practice issues.
1) The torrent was started from a https site, which I assumed to be
secure. When I contacted the site owner, they had their security look
into the problem and the conclusion was that one of the seeders
managed to maliciously alter the torrent. This affected in the
neighborhood of 18 people/companies .
2) It was downloaded to a XP box. Had I been on my Fedora or Solaris
box, such damage would not have happened. The torrent was zipped and
everything started happening when I unzipped the file, not on install.
I misspoke.
3) I had just transfered the photos from the SD cards and had not had
time to back them up. My boxes are all backed up to my server at 3 AM
every day.
4) My original post was to inquire if the Developer spin was available
via a straight download, not to discuss the pros and cons of torrents.
I downloaded the F8 DVD as a regular download in 42 minutes. Why would
I want some insecure software exposing me to who knows what risks for
12 or so hours? No Thank you.
So once again I will try to inquire if the spin is available as a
straight download and if so, could I be pointed in the right
direction. I presently use OpenSolaris Developer Edition and would be
very interested in comparing it to the Fedora Developer Spin.
Sincerely,
Jon
