Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Mon, 2011-01-03 at 08:19 -0800, Ben Pfaff wrote:
> Eduardo M KALINOWSKI <eduardo@kalinowski.com.br> writes:
>
> > How much do you trust your USB drive? It could have a malicious
> > controller that detects when the correct Fedora files are written to
> > it, and replaces with hacked copies. And when you try to verify the
> > copy, it detects this and returns the SHA1 (or any other checksum) of
> > the original files.
>
> How would the USB drive tell whether you were reading the file to
> verify its checksum or to use its contents?
Because you forgot to make sure that the tin foil fit tightly. ;)
Reply to: