Just a small way to help people get their FOSS. What are some other projects that have torrents that would be good to seed?

  • Maetani@jlai.lu
    link
    fedilink
    arrow-up
    17
    arrow-down
    1
    ·
    4 months ago

    Verifiying the checksum of an iso takes 30 seconds… You don’t need to trust anyone

    • Sekki
      link
      fedilink
      arrow-up
      10
      arrow-down
      1
      ·
      4 months ago

      I don’t think that is even necessary. If you download the .torrent file from a trusted source it will already contain a secure hash of the final file. Also every piece you receive also comes with a hash that can also be verified through the .torrent file. If you don’t trust the source enough to provide a valid .torrent, I don’t see how downloading the image directly from them makes any difference. Read more: Official BitTorrent BEP BitTorrent V2 and SHA-256

    • weker01@sh.itjust.works
      link
      fedilink
      arrow-up
      5
      ·
      4 months ago

      Well you do need to trust the checksum provided. That is the one you are checking against. Better would be a signature from a key you trust.

      In the end a modern torrent is just a hash.

      • CrypticCoffee
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        Length of time never means quality of decisions. Always best to validate. So easy to package up malware and farm folks bank accounts.