Date: Thu, 27 Jan 2005 10:11:27 -0800 From: gabriel <normal1.lists@gmail.com> To: Chuck Swiger <cswiger@mac.com> Cc: freebsd-questions@freebsd.org Subject: Re: Bittorrent secure? Message-ID: <efb85820501271011ae5db10@mail.gmail.com> In-Reply-To: <41F6C0EE.1070801@mac.com> References: <20050125192253.GA3088@gicco.homeip.net> <41F6A281.8030601@mac.com> <20050125205819.GA3574@gicco.homeip.net> <41F6C0EE.1070801@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You want true security, DONT USE IT! *hides behind the fridge* On Tue, 25 Jan 2005 16:58:06 -0500, Chuck Swiger <cswiger@mac.com> wrote: > Hanspeter Roth wrote: > > On Jan 25 at 14:48, Chuck Swiger spoke: > >> You need to have an external source of information which specifies a > >> checksum or MD5 hash to confirm that the file has not been tampered with. > > > > That to say I should download CHECKSUM.MD5 from one of the public > > FTP-servers by hand and do the MD5 checks myself, right? > > Yes indeed, or use the files in a context like the ports tree, which does this > sort of checking for you. > > >> If you trust the Torrent tracker file, then BitTorrent has this part > >> built-in. Otherwise, you would use something like the distinfo files in > >> /usr/ports to help confirm the validity of files. > > > > BitTorrent doesn't get some public checksums from some public > > servers transparently, does it? > > Each file distributed by BitTorrent has a tracker and a seed .torrent which > describes the checksums of the file (and it's parts), and manages the list of > hosts offering the file. > > >> On the other hand, Torrent doesn't do any worse than FTP or HTTP. > > > > The FTP-servers should be more or less official and should contain > > more or less uncompromised data. > > A lot of people thought that about ftp.gnu.org, or ftp.sendmail.org, or other > well-known FTP sources which have been compromised. > > > Hosts that offer BitTorrent probably are less official. > > True, but you are not relying on them to confirm the downloaded data is > correct, you are relying on the seed host and it's .torrent file. > > -- > -Chuck > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?efb85820501271011ae5db10>