Live Spins
Nicolas Canepa
ncanepa at fcen.uba.ar
Thu Nov 15 16:01:56 UTC 2007
Did you check the MD5SUM of the downloaded ISO?
Regards,
Nicolás Cánepa
ncanepa at fcen.uba.ar
www.ccc.fcen.uba.ar
Teléfono - 4576-3382
CCC - Centro de Comunicación Científica
UBA - Facultad de Ciencias Exactas y Naturales
R A Jon Hamelin escribió:
> Bill Davidsen wrote:
>> R A Jon Hamelin wrote:
>>> Frank Cox wrote:
>>>> On Sun, 11 Nov 2007 11:34:57 -0800
>>>> R A Jon Hamelin <jon_hamelin at shaw.ca> wrote:
>>>>
>>>>> I have had bad experiences with torrents and will not use them again.
>>>>
>>>> What's wrong with the torrents? I downloaded F8 that way the other
>>>> day at a
>>>> very healthy pace.
>>>>
>>> Hi Frank:
>>>
>>> A little over a year ago I downloaded a file - 4.3 GB - from what I
>>> thought was a safe site. After installing the program, my computer
>>> rebooted by itself and all hell broke loose. I no longer had a
>>> functioning BIOS. In addition it wiped my hard drives. Checking with
>>> the site in question, I discovered that the file should have been 3.8
>>> GB.
>>
>> Obviously the fault of torrent, because if you downloaded that same
>> 4.3GB file by ftp... wait, it still would have done the same thing,
>> because the problem was the content not the delivery system. Blaming
>> torrent for the effects of bad content is like blaming UPS because you
>> ordered one thing and got another.
>>
>> You didn't get 4.3GB instead of 3.8GB because of torrent, you got it
>> because it started out bad at the original source (including the
>> possibility of having a bad .torrent file to start with). And you
>> didn't do the check for size and checksum *before* you used the file,
>> and probably let something run as root or actually booted it, or it
>> couldn't have reached the BIOS or rebooted the machine... In other
>> words you didn't follow best practices and as a result something bad
>> happened, and you didn't have a backup of critical data.
>>>
>>> In my opinion bit torrents are a security issue. Having lost 3 days
>>> worth of irreplaceable photos from a commercial shoot and the
>>> contract, it was an expensive lesson for me.
>>>
>> Torrent is safer than any download from a single site, because any one
>> site can only corrupt a fraction of the overall content, and because
>> there is a crc on every small part of the download. That makes it very
>> hard for any undetected problems to get through, assuming you check
>> the sum of the files, etc.
>>
>> The "expensive lesson" involves backups, verifying anything you
>> download before use, and other best practice issues.
> 1) The torrent was started from a https site, which I assumed to be
> secure. When I contacted the site owner, they had their security look
> into the problem and the conclusion was that one of the seeders managed
> to maliciously alter the torrent. This affected in the neighborhood of
> 18 people/companies .
> 2) It was downloaded to a XP box. Had I been on my Fedora or Solaris
> box, such damage would not have happened. The torrent was zipped and
> everything started happening when I unzipped the file, not on install. I
> misspoke.
>
> 3) I had just transfered the photos from the SD cards and had not had
> time to back them up. My boxes are all backed up to my server at 3 AM
> every day.
>
> 4) My original post was to inquire if the Developer spin was available
> via a straight download, not to discuss the pros and cons of torrents. I
> downloaded the F8 DVD as a regular download in 42 minutes. Why would I
> want some insecure software exposing me to who knows what risks for 12
> or so hours? No Thank you.
>
> So once again I will try to inquire if the spin is available as a
> straight download and if so, could I be pointed in the right direction.
> I presently use OpenSolaris Developer Edition and would be very
> interested in comparing it to the Fedora Developer Spin.
>
> Sincerely,
> Jon
>
More information about the fedora-list
mailing list