|
|
|
|
|
|
by G3E9
3626 days ago
|
|
|
I've gotten passed this with the help of two reasons, the first is because ISO images (even for minimal installs...) are huge and HTTPS'ing it all would be an expense from the mirror's end (hopefully with better tech this'll become an after-thought...) and secondly I've learned enough to generate my own checksums to copy and paste across search engines (in Google and with quotes, search strictly for your checksum and look for multiple sources sharing the same context regarding your download/image.) I've had the luck finding and verifying the majority of what I'd concern myself with. But what really frustrates me is downloading something (verified and all...) and then record its traffic downloading its updates via HTTP. I don't know if it's verifying its own downloads but I simply wish applications were more transparent or that applications had no shame in throwing up a screen providing the checksums of its downloads (well maybe for the users like me who have the time to put towards verifying every thing coming in.) So I love Notepad++, but I hate how its plugin manager (last time I checked...) downloads the majority of, if not all, its plugins from sourceforge and over HTTP. Windows UAC will pop up saying the newly selected plugins want to make changes to my computer - no, I stop there. If I can, then I'll download the plugin from its developer's GitHub and prepare it to use for Notepad++ myself. The plugin manager could be verifying packages, the packages could be hosted on something other than sourceforge, or whatever else. This is a rant over things I've already built habits and routines around. |
|
|