@ikidd@lemmy.world to Linux@lemmy.mlEnglish • 3 months agoThe Secret Maze of Debian Imagesblog.fai-project.orgmessage-square4fedilinkarrow-up124arrow-down14file-text
arrow-up120arrow-down1external-linkThe Secret Maze of Debian Imagesblog.fai-project.org@ikidd@lemmy.world to Linux@lemmy.mlEnglish • 3 months agomessage-square4fedilinkfile-text
minus-squareReallyZenlinkfedilink14•3 months ago “You can ignore the SHA... files if you do not know what they are needed for. They are not important for you.” …That’s where I stopped reading this.
minus-square@gomp@lemmy.mllinkfedilink7•3 months agoI stopped at “secret” (yes, the occurrence in the title) :) TBH the checksums are pretty useless for humans who download an .iso and install it… they are mainly for mirrors and similar that download files without using them
minus-square𝘋𝘪𝘳𝘬linkfedilink8•3 months agoAlso: If someone manages to tamper with the downloadable ISO … they likely will be able to tamper with the signature files, too.
minus-square@butter@midwest.sociallinkfedilinkEnglish4•3 months agoI’m fully aware of what a SHA file is, and it’s entirely unimportant to me. Admittedly, I did check the arch image I use at work.
…That’s where I stopped reading this.
I stopped at “secret” (yes, the occurrence in the title) :)
TBH the checksums are pretty useless for humans who download an .iso and install it… they are mainly for mirrors and similar that download files without using them
Also: If someone manages to tamper with the downloadable ISO … they likely will be able to tamper with the signature files, too.
I’m fully aware of what a SHA file is, and it’s entirely unimportant to me.
Admittedly, I did check the arch image I use at work.