Does anybody download iso’s via torrents? Or how to help the actual sites that serve these? Since I trust the source more than torrents… Especially for an image…
Ahh makes sense. I still direct download but I guess if I had Torrent client locally it might be nice. But 3-4GiB on direct download doesn’t take long…
For many with unstable ISP connections, http downloads can get corrupted. Torrents are superior in this regard as the file gets split into blocks that each get checksummed for integrity after completion. This helps to ensure that the large iso is actually complete and won’t just be garbage on an attempted install. Even if you checksum the iso from http download, you have to pull the entire thing again if it is damaged whereas the torrent would just repull the damaged blocks automatically.
It doesn’t, but thousands of people all downloading 3-4GB from the same site will put more load on the site. Torrents avoid this issue by downloading little bits from lots of different peers
I prefer to download isos via torrents. You can easily check the checksum and signature once it’s downloaded. And you’re getting the torrent/magnet link/etc from the source so it’s not some random torrent from piratebay or something lmao
I don’t think that is even necessary. If you download the .torrent file from a trusted source it will already contain a secure hash of the final file. Also every piece you receive also comes with a hash that can also be verified through the .torrent file. If you don’t trust the source enough to provide a valid .torrent, I don’t see how downloading the image directly from them makes any difference.
Read more:
Official BitTorrent BEPBitTorrent V2 and SHA-256
Does anybody download iso’s via torrents? Or how to help the actual sites that serve these? Since I trust the source more than torrents… Especially for an image…
You grab the .torrent file from the source website (Mint, in this case) and it’s safe
Ahh makes sense. I still direct download but I guess if I had Torrent client locally it might be nice. But 3-4GiB on direct download doesn’t take long…
It’s more of a way to reduce costs for the CDN, using torrents everyone contributes and they only have to send a small magnet file.
I might seed a few too then.
For many with unstable ISP connections, http downloads can get corrupted. Torrents are superior in this regard as the file gets split into blocks that each get checksummed for integrity after completion. This helps to ensure that the large iso is actually complete and won’t just be garbage on an attempted install. Even if you checksum the iso from http download, you have to pull the entire thing again if it is damaged whereas the torrent would just repull the damaged blocks automatically.
Fair. That is a good usecase
It doesn’t, but thousands of people all downloading 3-4GB from the same site will put more load on the site. Torrents avoid this issue by downloading little bits from lots of different peers
I prefer to download isos via torrents. You can easily check the checksum and signature once it’s downloaded. And you’re getting the torrent/magnet link/etc from the source so it’s not some random torrent from piratebay or something lmao
Why not direct download from website?
Can be faster than downloading from a centralised server that everyone is trying to download from. But mostly just habit.
I think it saves them costs but idk shit about servers
Avoid detracting from the hosts bandwidth quota.
Verifiying the checksum of an iso takes 30 seconds… You don’t need to trust anyone
I don’t think that is even necessary. If you download the .torrent file from a trusted source it will already contain a secure hash of the final file. Also every piece you receive also comes with a hash that can also be verified through the .torrent file. If you don’t trust the source enough to provide a valid .torrent, I don’t see how downloading the image directly from them makes any difference. Read more: Official BitTorrent BEP BitTorrent V2 and SHA-256
Well you do need to trust the checksum provided. That is the one you are checking against. Better would be a signature from a key you trust.
In the end a modern torrent is just a hash.
Checksum doesn’t verify authenticity. You need to verify the signature
Been on Linux 6 years, never done it. Extra steps
Length of time never means quality of decisions. Always best to validate. So easy to package up malware and farm folks bank accounts.
Hence my threat model hasn’t included torrents.