[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firefox claims i386 images contain virus or malware


Ruud Bos wrote:
> I tried to download two different ISO files via
> https://cdimage.debian.org/cdimage/release/current-live/i386/iso-hybrid/
> Everytime a download has completed, Firefox mentions that the ISO contains
> a virus. I tried downloading both the GNOME and MATE ISO's.

This accusation by Firefox is not new:
Regrettably there is no hint what part of the ISOs exactly is accused of
being malware.
Do you see any information beyond the statement that there is a virus ?

It is unlikely that Debian inadvertently packages any virus.
To verify that the ISOs have not been tampered with, download into the
same directory as the ISOs:


Verify the authenticity of SHA512SUMS by a run of

  gpg --keyserver keyring.debian.org --verify SHA512SUMS.sign SHA512SUMS

which must report

  gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>"
  Primary key fingerprint: DF9B 9C49 EAA9 2984 3258  9D76 DA87 E80D 6294 BE9B

The reported "key fingerprint" must match one of those listed at
  https://www.debian.org/CD/verify .

When the SHA512SUMS was verified by SHA512SUMS.sign and the public Debian
key, let program "sha512sum" check for matches:

  sha512sum -c SHA512SUMS

must report

  debian-live-10.6.0-i386-gnome.iso : OK
  debian-live-10.6.0-i386-mate.iso : OK
  ...other.ISOs... : FAILED open or read
  sha512sum: WARNING: ... listed files could not be read

It must not report

  debian-live-10.6.0-i386-gnome.iso : FAILED
  sha512sum: WARNING: ... listed files could not be read
  sha512sum: WARNING: 1 computed checksum did NOT match

If the verification succeeds, consider to file a bug in Ubuntu against
the virus checker of Firefox.

Have a nice day :)


Reply to: