Do You Verify Your Downloads | Geek on the Loose

18Jan/090

Do You Verify Your Downloads?

Do you verify the integrity of your downloads?

I saw a notice announcing a new release of Apache Tomcat Native this morning, and when looking at the page, saw the usual notice, as follows:

"Use the links below to download Tomcat Native from one of our mirrors. You must verify the integrity of the downloaded files using signatures downloaded from our main distribution directory."

That made me wonder how many people who download actually do verify the integrity of their downloads? I know I do, but I've worked with developers who don't. It would be interesting to do a poll on that. I'd also be interested in knowing of any cases where the integrity verification failed. I've never had one fail.

Filed under: Security Leave a comment

Comments (0) Trackbacks (0) ( subscribe to comments on this post )

No comments yet.

Leave a comment

No trackbacks yet.

« Be a Wizard of SSL Dependency Injection and Inversion of Control »

safe to click,
no evil Javascript on these links

Menu

Recent Posts

Geek News RSS

Researchers Say Happiness Costs $75k September 7, 2010
JBoss Benchmark Claims HornetQ is the Performance Leader of Enterprise Messaging Systems September 7, 2010
Ajax control toolkit - Confirm button extender September 7, 2010
7 Brilliant and Highly Addictive HTML5 and JS Experiments September 7, 2010
NYT Password Security Discussion Overlooks Universal Logins September 7, 2010
.NET Links of the Week #35 September 7, 2010
Daily Dose - Google Pays Big Money to Keep Developers from Going to Facebook September 7, 2010
Redis 2.0 and GORM for Redis Released September 7, 2010
Javascript Jems - a new take on objects September 7, 2010
Announcing GORM for Redis September 7, 2010
Sponsored Post: deviantART, Okta, CloudSigma, ManageEngine, Site24x7 September 7, 2010
PDF XSS (CVE-2010-0190) September 7, 2010
A confused critique of identity federation September 6, 2010
Hilarious Video: Relational Database vs NoSQL Fanbois September 5, 2010
The Effect of Snakeoil Security September 4, 2010
A False Sense of Security September 4, 2010
Vulnerable Web Applications To learn Web Application Testing ... September 4, 2010
Fuzzing for Design Bugs? September 3, 2010
Hot Scalability Links For Sep 3, 2010 September 3, 2010
WASC Threat Classification 2 - Wordle September 3, 2010
UAE Man-in-the-Middle Attack Against SSL September 3, 2010
Six guiding principles to Consolidate your IT September 3, 2010
Facebook To Add Remote Logout September 3, 2010
A False Sense of Security September 2, 2010
Distributed Hashing Algorithms by Example: Consistent Hashing September 2, 2010
Scale-out vs Scale-up September 1, 2010
Paper: The Case for Determinism in Database Systems September 1, 2010
Effect Choreography in Flex 4 August 31, 2010
Pomegranate - Storing Billions and Billions of Tiny Little Files August 30, 2010
Skinning Components in Flex 4 August 28, 2010