ikidd@lemmy.world to Linux@lemmy.mlEnglish · 2 months agoThe Secret Maze of Debian Imagesblog.fai-project.orgexternal-linkmessage-square4fedilinkarrow-up119arrow-down12file-text
arrow-up117arrow-down1external-linkThe Secret Maze of Debian Imagesblog.fai-project.orgikidd@lemmy.world to Linux@lemmy.mlEnglish · 2 months agomessage-square4fedilinkfile-text
minus-squareReallyZen@lemmy.mllinkfedilinkarrow-up10arrow-down1·2 months ago “You can ignore the SHA... files if you do not know what they are needed for. They are not important for you.” …That’s where I stopped reading this.
minus-squaregomp@lemmy.mllinkfedilinkarrow-up7·2 months agoI stopped at “secret” (yes, the occurrence in the title) :) TBH the checksums are pretty useless for humans who download an .iso and install it… they are mainly for mirrors and similar that download files without using them
minus-square𝘋𝘪𝘳𝘬@lemmy.mllinkfedilinkarrow-up6·2 months agoAlso: If someone manages to tamper with the downloadable ISO … they likely will be able to tamper with the signature files, too.
minus-squarebutter@midwest.sociallinkfedilinkEnglisharrow-up4arrow-down1·2 months agoI’m fully aware of what a SHA file is, and it’s entirely unimportant to me. Admittedly, I did check the arch image I use at work.
…That’s where I stopped reading this.
I stopped at “secret” (yes, the occurrence in the title) :)
TBH the checksums are pretty useless for humans who download an .iso and install it… they are mainly for mirrors and similar that download files without using them
Also: If someone manages to tamper with the downloadable ISO … they likely will be able to tamper with the signature files, too.
I’m fully aware of what a SHA file is, and it’s entirely unimportant to me.
Admittedly, I did check the arch image I use at work.