[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: you iso's may have been hacked




On 08/09/2016 08:37 PM, limpia wrote:

On 2016-08-09 20:03, phil hall wrote:
i have just downloaded debian gnome 8.5.0 when complete i clicked
check MD5 sum it listed a number that's not in your MD5sum document. I
have never checked an MD5sum, so don't know if this is a Mint bug or
you've been hacked

On 2016-08-09 20:24, limpia wrote:
 Thanks, but it would be a lot more help to know more details,
Especially which mirror you used, what was the url to where you
downloaded it from, ?
Was it a amd64 image or i386 ? Was it a "Live CD image", "netinstall" or ?
 Thank you
Additional note, I notice that here: https://www.debian.org/CD/faq/#verify It says :=== "The problem with the verification of written optical media is that some media types will possibly return more bytes than those found in the ISO image. This trailing garbage is impossible to avoid with CD written in TAO mode, incrementally recorded DVD-R[W], formatted DVD-RW, DVD+RW, BD-RE, and also with USB keys. Therefore, we need to read exactly the same number of sectors of data from the media as are found in the ISO image itself; reading any more bytes from the media will alter the checksum result.""
================================
 There are more details here: https://www.debian.org/CD/verify
as well, Are you sure you are checking correctly ?

Yes, of course. You can only check the md5 sum on the download. Once you burn it to a CD or DVD, there's no telling what the md5 sum will be.








Reply to: