|
|
|
|
|
|
by emergentcypher
3767 days ago
|
|
|
What I don't get about publishing the hashes, etc... if they are serving up tampered .iso files, why wouldn't they also change the website to serve the appropriate hashes for the hacked isos? For the verification to work I would think it needs to be PGP-signed and you should have the public key in advance. |
|
|