Verifying the Integrity of Linux ISO Images

196

mintdownloadWith the current fervor about compromised ISO images, lots of people (including me) are saying that you should always verify an ISO image after downloading, and before installing. Here is a discussion of why and how to do that.

In my recent post about the handling of the security incident and compromised ISO image at Linux Mint, I said at the end that users should always verify the checksum of a downloaded image before installing it. In response I received several good comments and emails pointing out that just verifying the checksum isn’t really good enough.

This might seem like a rather daunting task at first, because many users are not familiar with the concepts involved or the tools used to perform the validation. In fact, it’s really a fairly easy thing to do, and it only requires three steps:

Read more at ZDNet News