Martin Baxter wrote: > Richard, > > What you say is obviously true, there is no ultimate guarantee from > checksums. > > The checksum is not useless though. It gives pretty good confidence > that the file didn't get altered in transit, whether by a network > error, a disk writing error, or by the intervention of a malcious > actor as MITM replacing the requested file with a doctored version > of their own. It may not provide ultimate trust but is better than > no checks at all. > > Some places sign their downloads with PGP, which in theory gives a > stronger guarantee of authenticity. However I think there are similar > issues with that. To verify it, you must install the public key of the > signer and assert (but on what basis?) that it is strongly trusted. > Here too, if the malicious actor can subvert both the download file > and the public key, the method fails. Most downloaders don't know > anything about the signer or have prior knowledge of his/her public > key and may not see anything amiss if they are somehow subverted. > > It gets better I suppose once you have had a trusted key in your > keyring for a while and it has a good track record of vouching for > software that you have confidence in. However, if the key that you > originally installed and more or less blindly trusted was actually > a fraud, then you are in trouble.
Very helpful, Martin. Thanks for that. -- Richard Gaskin Fourth World LiveCode training and consulting: http://www.fourthworld.com Webzine for LiveCode developers: http://www.LiveCodeJournal.com Follow me on Twitter: http://twitter.com/FourthWorldSys _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
