file checksums

Richard Gaskin ambassador at fourthworld.com
Thu Apr 24 11:57:49 EDT 2014


Martin Baxter wrote:

 > Richard,
 >
 > What you say is obviously true, there is no ultimate guarantee from
 > checksums.
 >
 > The checksum is not useless though. It gives pretty good confidence
 > that the file didn't get altered in transit, whether by a network
 > error, a disk writing error, or by the intervention of a malicious
 > actor as MITM replacing the requested file with a doctored version
 > of their own. It may not provide ultimate trust but is better than
 > no checks at all.
 >
 > Some places sign their downloads with PGP, which in theory gives a
 > stronger guarantee of authenticity. However I think there are similar
 > issues with that. To verify it, you must install the public key of the
 > signer and assert (but on what basis?) that it is strongly trusted.
 > Here too, if the malicious actor can subvert both the download file
 > and the public key, the method fails. Most downloaders don't know
 > anything about the signer or have prior knowledge of his/her public
 > key and may not see anything amiss if they are somehow subverted.
 >
 > It gets better I suppose once you have had a trusted key in your
 > keyring for a while and it has a good track record of vouching for
 > software that you have confidence in. However, if the key that you
 > originally installed and more or less blindly trusted was actually
 > a fraud, then you are in trouble.

Very helpful, Martin.  Thanks for that.

--
  Richard Gaskin
  Fourth World
  LiveCode training and consulting: http://www.fourthworld.com
  Webzine for LiveCode developers: http://www.LiveCodeJournal.com
  Follow me on Twitter:  http://twitter.com/FourthWorldSys
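
The trade-off discussed in this thread, as an added Python example that is not part of either message: a SHA-256 check catches accidental corruption, but it only catches a substituted file when the expected digest came from a channel the substituter does not control. The file contents, the file name and the idea of a digest "pinned" out of band are constructed assumptions for illustration.

```python
import hashlib
import hmac
import os
import tempfile

def sha256_file(path, chunk_size=65536):
    """Stream the file through SHA-256 so large downloads stay out of memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(path, expected_hex):
    """Return True only if the file's SHA-256 equals the expected hex digest."""
    expected = expected_hex.strip().lower()
    if len(expected) != 64 or any(c not in "0123456789abcdef" for c in expected):
        raise ValueError("expected value is not a SHA-256 hex digest")
    return hmac.compare_digest(sha256_file(path), expected)

def _write(path, data):
    with open(path, "wb") as f:
        f.write(data)

def demo():
    # Constructed sample bytes standing in for a release and a doctored copy.
    genuine = b"installer v1.0 (constructed sample bytes)\n"
    doctored = b"installer v1.0 (constructed sample bytes, altered)\n"
    # Assumption: this digest was obtained earlier over a separate channel.
    pinned = hashlib.sha256(genuine).hexdigest()
    results = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "download.bin")
        # Case 1: clean download checked against the pinned digest.
        _write(path, genuine)
        results["clean_vs_pinned"] = verify(path, pinned)
        # Case 2: accidental corruption (one flipped bit), checksum intact.
        _write(path, bytes([genuine[0] ^ 0x01]) + genuine[1:])
        results["corrupted_vs_published"] = verify(path, pinned)
        # Case 3: file replaced, and the checksum served beside it replaced too.
        _write(path, doctored)
        same_channel = hashlib.sha256(doctored).hexdigest()
        results["doctored_vs_same_channel"] = verify(path, same_channel)
        results["doctored_vs_pinned"] = verify(path, pinned)
    return results

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'match' if ok else 'MISMATCH'}")
```

The same reasoning applies to a PGP public key fetched alongside the download: the check is only as trustworthy as the channel that delivered the value being compared against.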




