Y
Hacker News
new
|
ask
|
show
|
jobs
by
flurpitude
3614 days ago
I don't see much value in published file hashes when they're hosted on the same site that hosts the files. If someone compromises the download link they're probably in a good position to update the hashes too.
1 comments
0x0539
3614 days ago
The purpose of the hashes isn't to prove the file hasn't been tampered with, its confirm that the file wasn't corrupted during download.
link
bashinator
3613 days ago
Then just use checksum instead of an obsolete cryptographic hash.
link