implement stronger verification of ISO-files

lkkw223
  6 years ago
  5
  Under dev. review

Implement verification of ISO-files based on checksums (sha5sum, sha256sum, sha512sum, etc.). Verify checksums with GPG (see links below if you don't know what this means). Enable SSL/TSL (https) as deafault on linuxmint.com to ensure end to end encryption when downloading ISO-files.

To compare, Ubuntu, Fedora, and Debian all use this features. And with good reason: if the ISO-file gets corrupted by a malicious third party during download, the whole OS-security is gone.

https://help.ubuntu.com/community/VerifyIsoHowto
http://www.debian.org/CD/verify
https://fedoraproject.org/en_GB/verify
Latest comments
anandrkris 6 years ago

With Mint's rising popularity, it is perhaps worthwhile to implement to avoid any vulnerabilities.


jahid_0903014 6 years ago

not necessary, but if this is implemented then linuxer's will have a new thing to boast. so promoting...


quake0 6 years ago

Good idea.


Hammer459 6 years ago

Nice to have but not entirely required.
My vote is I don't care (and that is from someone with Paranoid at signature song :-) )