Y
Hacker News
new
|
ask
|
show
|
jobs
by
chrisshroba
912 days ago
That’s what I always wonder too. If we assume an attacker can change the contents at example.com/app.zip, why should we assume the hash published at example.com/download.html is any more secure?