You can use this site | alt Hacker News

firesteelrain • last Saturday at 10:29 PM • 1 reply • view on HN

You can use this site https://distro.ibiblio.org/tinycorelinux/downloads.html

And all the files are here https://distro.ibiblio.org/tinycorelinux/16.x/x86/release/

I posted that above in this thread.

I will add that most places, forums, sites don’t deliver the hash OOB. Unless you mean like GPG but that would have came from same site. For example if you download a Packer plugin from GitHub, files and hash all comes from same site.

Replies

maccard • yesterday at 4:55 PM

> I will add that most places, forums, sites don’t deliver the hash OOB. Unless you mean like GPG but that would have came from same site. For example if you download a Packer plugin from GitHub, files and hash all comes from same site.

This thread started by talking about the site serving the download (and hash) over http. Github serves their content over https, so you're not going to be MITM'ed. There are other attack vectors, but if the delivery of the content you're downloading is compromised/MITM'ed, you've lost.

➕ show 1 reply