Bill Davidsen wrote:
R A Jon Hamelin wrote:
Frank Cox wrote:
On Sun, 11 Nov 2007 11:34:57 -0800
R A Jon Hamelin <jon_hamelin@xxxxxxx> wrote:
I have had bad experiences with torrents and will not use them again.
What's wrong with the torrents? I downloaded F8 that way the other
day at a
very healthy pace.
Hi Frank:
A little over a year ago I downloaded a file - 4.3 GB - from what I
thought was a safe site. After installing the program, my computer
rebooted by itself and all hell broke loose. I no longer had a
functioning BIOS. In addition it wiped my hard drives. Checking with
the site in question, I discovered that the file should have been 3.8
GB.
Obviously the fault of torrent, because if you downloaded that same
4.3GB file by ftp... wait, it still would have done the same thing,
because the problem was the content not the delivery system. Blaming
torrent for the effects of bad content is like blaming UPS because you
ordered one thing and got another.
You didn't get 4.3GB instead of 3.8GB because of torrent, you got it
because it started out bad at the original source (including the
possibility of having a bad .torrent file to start with). And you
didn't do the check for size and checksum *before* you used the file,
and probably let something run as root or actually booted it, or it
couldn't have reached the BIOS or rebooted the machine... In other
words you didn't follow best practices and as a result something bad
happened, and you didn't have a backup of critical data.
In my opinion bit torrents are a security issue. Having lost 3 days
worth of irreplaceable photos from a commercial shoot and the
contract, it was an expensive lesson for me.
Torrent is safer than any download from a single site, because any one
site can only corrupt a fraction of the overall content, and because
there is a crc on every small part of the download. That makes it very
hard for any undetected problems to get through, assuming you check
the sum of the files, etc.
The "expensive lesson" involves backups, verifying anything you
download before use, and other best practice issues.
1) The torrent was started from a https site, which I assumed to be
secure. When I contacted the site owner, they had their security look
into the problem and the conclusion was that one of the seeders managed
to maliciously alter the torrent. This affected in the neighborhood of
18 people/companies .
2) It was downloaded to a XP box. Had I been on my Fedora or Solaris
box, such damage would not have happened. The torrent was zipped and
everything started happening when I unzipped the file, not on install. I
misspoke.
3) I had just transfered the photos from the SD cards and had not had
time to back them up. My boxes are all backed up to my server at 3 AM
every day.
4) My original post was to inquire if the Developer spin was available
via a straight download, not to discuss the pros and cons of torrents. I
downloaded the F8 DVD as a regular download in 42 minutes. Why would I
want some insecure software exposing me to who knows what risks for 12
or so hours? No Thank you.
So once again I will try to inquire if the spin is available as a
straight download and if so, could I be pointed in the right direction.
I presently use OpenSolaris Developer Edition and would be very
interested in comparing it to the Fedora Developer Spin.
Sincerely,
Jon
--
R A Jon Hamelin
Hamelin Graphics
324-1985 Wallace St
Vancouver, BC V6R 4H4
778 327 9302
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list