View Single Post
Old 13th July 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Yep. This is why you are given the SHA-2 hashes -- it is your responsibility to review them and compare them from multiple mirrors.

And while the SHA algorithms are US NIST Standards -- meaning you may not trust them due to the NIST's ties to another famous government agency that can't get out of the news no matter how much it wants to -- they were openly developed and later adopted by NIST, and the hashes can be checked by a vast number of tools across all sorts of computing platforms.
Reply With Quote