Posted by: Anonymous Coward
on October 26, 2004 11:33 PM
Using md5 or other (better) hash algorithms is a good way to be sure the package you download is a genuine one. Install only stable, md5-checked versions of servers for production, no development or cvs ! And check the md5 sums on several sites, pages... OK a pirate could also try to change the md5 sums, but this task is a lot more difficult since : - he would have to change the md5 sums on every location, web pages, ftp servers - such kind of change would be fast to spot (faster than checking the source integrity).
Learn about Linux
Download Linux
Get Linux help
md5 sums
Posted by: Anonymous Coward on October 26, 2004 11:33 PMOK a pirate could also try to change the md5 sums, but this task is a lot more difficult since :
- he would have to change the md5 sums on every location, web pages, ftp servers
- such kind of change would be fast to spot (faster than checking the source integrity).
#