Bittorrent secure?

Hanspeter Roth hampi at
Tue Jan 25 12:58:51 PST 2005

  On Jan 25 at 14:48, Chuck Swiger spoke:

> Hanspeter Roth wrote:
> >how secure is Bittorrent?
> It's not secure.
> >How can one know how trustworthy the stuff
> >downloaded from other Bittorrent fellows is?
> You need to have an external source of information which specifies a 
> checksum or MD5 hash to confirm that the file has not been tampered with.  

That to say I should download CHECKSUM.MD5 from one of the public
FTP-servers by hand and do the MD5 checks myself, right?

> If you trust the Torrent tracker file, then BitTorrent has this part 
> built-in.  Otherwise, you would use something like the distinfo files in 
> /usr/ports to help confirm the validity of files.

BitTorrent doesn't get some public checksums from some public
servers transparently, does it?

> On the other hand, Torrent doesn't do any worse than FTP or HTTP.

The FTP-servers should be more or less official and should contain
more or less uncompromised data.
Hosts that offer BitTorrent probably are less official.


More information about the freebsd-questions mailing list