Frank Murphy <frankly3d <at> gmail.com> writes: > > A built-in checksum is only useful for checking for natural corruption, not a > > deliberate fake (since in that case it's easy to change the checksum to the > > correct one for the fake). Even md5 is more than enough for this purpose. > > > > So it's not error proof, > it can fail and still have a perfect disk, correct. Yes, there can be a bug that causes the mediacheck to fail even though the disc is good (this actually happened recently during development). Conversely, it can pass even if the disc is fake. Personally, I always do the external check, for example Fedora-16-x86_64-DVD.iso is 3757047808 bytes, so after burning I check it by running dd if=/dev/dvd bs=2048 count=1834496 conv=notrunc,noerror | sha256sum (since 3757047808/2048=1834496) and comparing the sha256sum to the checksum file. This has the slight advantage that it checks the entire image, while the built-in check leaves out the small part containing the md5 itself. It's also the kind of check you'd want to do if someone you didn't know or trust handed you a "Fedora" disc, since in that case the disc can't be trusted to check itself (if you burn it yourself from an ISO that you verified has the right sha256sum, that's not an issue). -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
