
Hashes are useful when software is hosted on third-party mirrors or CDNs. If the software is hosted on the same server as the webpage about it, then anyone in a position to replace the download can and will replace the hash as well.


A better solution is to use signed software packages. Compromising a website is more common than compromising developer private keys.


How are you going to trust the public key?

HN doesn't seem to like Apple/Microsoft as trust brokers, and absent a trusted CA I don't see how this makes the problem any better.


You have to trust someone to build a trusted chain. Trusted CA roots from SSL are a good practical choice IMO. Maybe the NSA or the Chinese government could theoretically crack that setup, but for other adversaries it would be much harder.


They could spread the hash out to several places, e.g. tweet it every time it changes.
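Added example, not part of any comment in this thread: a Python sketch of the two ideas discussed above, checking a download against a hash from the same server versus requiring agreement from several independent channels. The channel names, the quorum value and the sample bytes are constructed assumptions.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_download(data: bytes, published: dict[str, str], quorum: int):
    """Accept the file only if at least `quorum` channels publish the hash
    of the bytes actually downloaded.

    Returns (accepted, channels_that_disagree).
    """
    actual = sha256_hex(data)
    agree, disagree = [], []
    for channel, digest in published.items():
        # Normalise copy/paste differences (whitespace, upper-case hex).
        if digest.strip().lower() == actual:
            agree.append(channel)
        else:
            disagree.append(channel)
    return len(agree) >= quorum, sorted(disagree)


# Constructed sample data: the real release and a replaced file.
GENUINE = b"release-1.0 genuine installer bytes (constructed sample)"
TAMPERED = b"release-1.0 installer replaced on the web server (constructed sample)"


def published_hashes(download_page_hash: str) -> dict[str, str]:
    # Hypothetical channels: the download page lives on the same server as
    # the file; the other two are hosted elsewhere and were posted at release.
    return {
        "download-page": download_page_hash,
        "social-post": sha256_hex(GENUINE),
        "mailing-list": sha256_hex(GENUINE),
    }


def same_server_only_check(data: bytes, page_hash: str) -> bool:
    # The weak setup: the only reference hash comes from the server that
    # also serves the file, so replacing both goes unnoticed.
    return verify_download(data, {"download-page": page_hash}, quorum=1)[0]


if __name__ == "__main__":
    bad_page_hash = sha256_hex(TAMPERED)  # server compromise rewrites the page too
    print("same-server check:", same_server_only_check(TAMPERED, bad_page_hash))
    print("quorum check:", verify_download(TAMPERED, published_hashes(bad_page_hash), 2))
```

The disagreeing-channel list is the useful signal for a defender: a mismatch between the download page and the off-site copies points at the web server rather than at a corrupted transfer.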



