FreeBSD RELEASE torrents, including magnet URLs

I prefer downloading OS iso files via torrent but some caution is required.

The following is a general message i.e. "you" doesn't mean grahamperrin .

For those that also like downloading files by torrent please be sure to validate your downloads when they complete with their official SHA256 or SHA512 sums.

You cannot trust the checksums from fosstorrents.com as those are 3rd party. Sure, they've probably posted the right ones but the ONLY sums you can trust are the sums from the official source i.e. a FreeBSD SSL (https) secured URL which in this case is https://wiki.freebsd.org/Torrents . You can use the magnet links at fosstorrents.com no problem, only after you validate the download with its official sum will you know you have a legitimate (iso/img) file.

Security advisory summary: Only trust the publisher's checksums sourced directly from the publisher (via a secure method, here that is SSL (https)). (checksums being SHA256 or SHA512...)
 
cracauer@ please, are you certain?

Given at least: (a) what's in the wiki; and (b) the norm of publishing checksums, for RELEASE, with an expectation that people should use them.

If I'm not giving this my full attention: sorry, I'll be necessarily focused on some other stuff for the next few days. A mixture of focus + motivational stuff :)

TIA
 
If you get a magnet link from a secure source then random seeder people serving you parts of the torrent cannot manipulate those parts.

Bittorrent with magnet links is in a way safer than http download since you get a checksum check, which a plain download doesn't have.
 
cracauer@ said:
If you get a magnet link from a secure source then random seeder people serving you parts of the torrent cannot manipulate those parts.

Bittorrent with magnet links is in a way safer than http download since you get a checksum check, which a plain download doesn't have.
Click to expand...

Exactly. While I appreciate all the work jmg put into setting up the torrents and creating the info page, getting the info broadcast and disseminated is a challenge and most people will either not be comfortable with it not being from an "official" FreeBSD page, or won't hear/read about the torrents at all because it's not on the main FreeBSD download page.

I spun up a seedbox the moment I saw jmg's post specifically to help seed FreeBSD torrents, but it's rare that I see more than 2 people using me as a seed at the same time. I feel this speaks to the need to make the info more public/official. As with tux2bsd I prefer downloading huge files via torrent whenever possible (I test tons of VMs) and I think a lot of users these days feel the same way.
 
You must log in or register to reply here.
Back
Top