Quote:
Originally Posted by XavierP
It would be far easier to check the md5sum
|
I don't know why that would be easier, since it's the same procedure, just with a different hash algorithm. I also don't know how it would help, since the OP apparently only has SHA1 sums.
There's really nothing to this. Just download an
SHA1 program for Windows and run it on the ISO image. Look at the SHA1 sum it outputs and compare it to the corresponding SHA1 sum in that file. If the values match, then your ISO image is fine and you can go ahead and burn it. If not, then the ISO is corrupted or has been tampered with.
Incidentally, if you are really concerned about security, you should also check the PGP signature on that SHA1SUM file. If the signature doesn't check out, then you can't trust the SHA1 sums in it to begin with.
Of course, while all this checking is good security practice, it's not a barrier to entry. You can always just assume the ISO if good and burn it. You
should go through all these checks, but in reality, many (most?) people just can't be bothered.