R A Jon Hamelin wrote:
Bill Davidsen wrote:
R A Jon Hamelin wrote:
Frank Cox wrote:
On Sun, 11 Nov 2007 11:34:57 -0800
R A Jon Hamelin <jon_hamelin@xxxxxxx> wrote:
I have had bad experiences with torrents and will not use them again.
What's wrong with the torrents? I downloaded F8 that way the other
day at a
very healthy pace.
Hi Frank:
A little over a year ago I downloaded a file - 4.3 GB - from what I
thought was a safe site. After installing the program, my computer
rebooted by itself and all hell broke loose. I no longer had a
functioning BIOS. In addition it wiped my hard drives. Checking with
the site in question, I discovered that the file should have been
3.8 GB.
Obviously the fault of torrent, because if you downloaded that same
4.3GB file by ftp... wait, it still would have done the same thing,
because the problem was the content not the delivery system. Blaming
torrent for the effects of bad content is like blaming UPS because
you ordered one thing and got another.
You didn't get 4.3GB instead of 3.8GB because of torrent, you got it
because it started out bad at the original source (including the
possibility of having a bad .torrent file to start with). And you
didn't do the check for size and checksum *before* you used the file,
and probably let something run as root or actually booted it, or it
couldn't have reached the BIOS or rebooted the machine... In other
words you didn't follow best practices and as a result something bad
happened, and you didn't have a backup of critical data.
In my opinion bit torrents are a security issue. Having lost 3 days
worth of irreplaceable photos from a commercial shoot and the
contract, it was an expensive lesson for me.
Torrent is safer than any download from a single site, because any
one site can only corrupt a fraction of the overall content, and
because there is a crc on every small part of the download. That
makes it very hard for any undetected problems to get through,
assuming you check the sum of the files, etc.
The "expensive lesson" involves backups, verifying anything you
download before use, and other best practice issues.
1) The torrent was started from a https site, which I assumed to be
secure. When I contacted the site owner, they had their security look
into the problem and the conclusion was that one of the seeders
managed to maliciously alter the torrent. This affected in the
neighborhood of 18 people/companies .
Unfortunately https only makes the connection secure, not the site or
the content. Sorry you had the issue, you always have to evaluate the
source of anything.
2) It was downloaded to a XP box. Had I been on my Fedora or Solaris
box, such damage would not have happened. The torrent was zipped and
everything started happening when I unzipped the file, not on install.
I misspoke.
And I mis-assumed, that explains the issue. It's possible that the
hacking occurred on Windows sites serving the content, that you got a
bad .torrent file, etc.
3) I had just transfered the photos from the SD cards and had not had
time to back them up. My boxes are all backed up to my server at 3 AM
every day.
So you had to download them all again, which can be a pain.
4) My original post was to inquire if the Developer spin was available
via a straight download, not to discuss the pros and cons of torrents.
I downloaded the F8 DVD as a regular download in 42 minutes. Why would
I want some insecure software exposing me to who knows what risks for
12 or so hours? No Thank you.
Sure, no need to share that free software with others if you don't have to.
So once again I will try to inquire if the spin is available as a
straight download and if so, could I be pointed in the right
direction. I presently use OpenSolaris Developer Edition and would be
very interested in comparing it to the Fedora Developer Spin.
Guess you'll have to buy it on media or subscribe to one of the "pay to
join" sites. And there's no requirement to serve bittorrent for 12 hours
after you download, I rate limit incoming to 4Mbit, but if you have a
fat pipe you can get it very quickly, I had 26 feeds last night for a
re-pull of the line-KDE CD, and about that for the FC8test3 and release
DVDs. Lots of feeds, I'm only getting about 350-400Kbit from a couple of
peers, so there must be lots of people serving.
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
