With the current fervor about compromised ISO images, lots of people (including me) are saying that you should always verify an ISO image after downloading, and before installing. Here is a discussion of why and how to do that.
In my recent post about the handling of the security incident and compromised ISO image at Linux Mint, I said at the end that users should always verify the checksum of a downloaded image before installing it. In response I received several good comments and emails pointing out that just verifying the checksum isn't really good enough.
This might seem like a rather daunting task at first, because many users are not familiar with the concepts involved or the tools used to perform the validation. In fact, it's really a fairly easy thing to do, and it only requires three steps:
Read more at ZDNet News