Download page @Ubuntu.com
Matthew Flaschen
matthew.flaschen at gatech.edu
Wed Dec 20 03:26:33 UTC 2006
Matthew Nuzum wrote:
> Windows Installer has this capability built in, so that
> when you install a file it can detect if its damaged and abort early on.
> I doubt we can get so lucky in the near future. Maybe if we distributed
> the iso's zipped with a little md5 checker utility for Windows included
> in the zip file. It could be a statically compiled utility that grabs
> the md5 from the website, checks the gpg signature and then does an md5
> of the iso contained in the zipfile.
That doesn't provide any security. People need to get the MD5 directly
from Ubuntu's secured site. If they get both the MD5 and iso from a
mirror, tampering can't be detected.
Matthew Flaschen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-doc/attachments/20061219/295b60f8/attachment.pgp>
More information about the ubuntu-doc
mailing list