I was curious to read why certain websites would give you a checksum to check against the downloaded file.
What I found out: when your DNS cache is poisoned, you could end up downloading something from an untrusted source without you realising and that could be infected with virus. For this reason, check sums of downloads are usually available to help you check the integrity of what you have just downloaded.
My question: Surely, if your cache is altered, why wouldn’t you end up to a made up website with new checksums of the infected software? That is, a malicious user would point you to a download page with their checksums.
[link] [comments]
from hacking: security in practice https://ift.tt/1jyPmTl
Comments
Post a Comment