On Thu, 2011-01-20 at 11:22 -0500, MÃirÃn Duffy wrote: > From talking to numerous novice users in the design of the site I'm > not convinced that a checksum file is something that novice users are > aware of or much concerned about. Ignorance is no excuse, as they old saying goes, and it's something that needs brought to their attention, with the full how and why. > The main download link points directly to Fedora's main server, not a > mirror, so they'd be downloading the checksum from the same source as > the payload anyway. And the non-main download links...? It was always the recommendation, before, to not download from the main site, to spread the load around the mirrors. > When you burn the iso to media it has a built-in media check as well > which would protect against corruption Only against corruptions at that point, not against malicious damage. If someone's capable of releasing a compromised ISO, they're capable of making it claim to pass its own self checks. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines