-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Friday 2007-04-06 at 20:41 +0200, Anders Johansson wrote:
> > Should I remind you that SuSE/Novell uses torrent to distribute the iso
> > images of the distribution? Indeed, the "virus" that SuSE distributes is
> > the one I have installed in my system, alive and running - it is called
> > "opensuse linux"!
>
> That doesn't change the fact that bittorrent in itself doesn't have security.
> It also doesn't change the fact that a checksum is not a security feature. It
> only helps you ensure that what you get is what the other side sent. In the
> end, you're still stuck with the question "do I trust the sender". Bittorrent
> doesn't help you with that
And that's way more than what ftp does: I normally get what the other side
sent, with no integrity check. The same as any other file transfer
protocol, be it ftp, http, samba, nfs... you name it, I have to trust what
the other side sends. With torrent at least integrity is checked.
You are missing the point: torrent, in the way that Novell uses it to
distribute opensuse, is as secure as can be. It is they who post the link
with the checksums, and it is they who put the seeds. We don get those
from out there in the wild.
- --
Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD4DBQFGFpe6tTMYHG2NR9URAs3wAKCEgV4OeyGS9j4dtRkRObeQomuoVwCY2Csp
APpPpFLTwi45TeRFcVXVog==
=Y1UX
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
