I don’t know if I must report a security issue. I downloaded the torrent file from the download page for the 4.1.1 version. I downloaded the iso (and share…) but when I tried to verify the iso it fails.
The DIGEST is signed correctly.
gpg2 -v --verify Qubes-R4.1.1-x86_64.iso.DIGESTS
gpg: en-tête d'armure : Hash: SHA256
gpg: nom de fichier original : « »
gpg: Signature faite le ven. 15 juil. 2022 05:50:34 CEST
gpg: avec la clef RSA 5817A43B283DE5A9181A522E1848792F9E2795E9
gpg: utilisation du modèle de confiance pgp
gpg: Bonne signature de « Qubes OS Release 4 Signing Key » [totale]
gpg: signature mode texte, algorithme de hachage SHA256, algorithme de clef rsa4096
Test with sha256sum failed
sha256sum -c Qubes-R4.1.1-x86_64.iso.DIGESTS
Qubes-R4.1.1-x86_64.iso: Échec
sha256sum: Attention : 20 lignes ne sont pas correctement formatées
I will not say that I am 100% sure, but I did verification to be at 99,99%
It was the first thing I suspected and I still doubt the issue is not coming from transmission software. It notifies that the download was finished and the size of the iso was around 5,4 Go on the disk. That’s the part of the doubt, the real size the iso must have.
Did you check the file size of the torrented iso and compare it to the downloaded iso from the website? If the file sizes are the same, but one has a good hash and one has a bad hash, you likely downloaded a tampered qubes iso, and if so the developers would probably be interested in seeing it for research purposes.
Is it possible that your command is pulling the first sha256 hash available and that there are multiple sha256 hashes that differ depending on whether it is a download from the website or a torrent iso?
I’ve never heard of a sha512 being correct and a sha256 not being correct for the same file. I think it would be mathematically impossible absent some sort of error in the hash listings or user error. (edit: @chrisa is likely right, it would be mathematically so unlikely that it’s asymptotic to a probability of zero, but not in fact zero.)
I’m pretty sure, it’s possible to have 2 different inputs to sha512 give the same checksum (a collision) - but it would be unlikely to happen … and in that case, sha256 would be the “whistleblower” to say “Look! - they look the same to sha512, but they are not the same!”
I had to remove the torrented iso to download the iso from https because of disk space. I did du -sh for the size of the iso torrent, it will be better I just did du and compare the sizes.
Unfortunately It was afterward I thought that it would be a good idea to keep both iso for forensics. But first I focused on downloading the good file.
To clarify my initial message, for the torrented iso sha256sum was wrong and I try to get sh512 with openssl and compare the value within the DIGEST files. So both were wrong. The good sha512sum was the one for the iso downloaded with https.
So that means someone is sharing fake/corrupt/infected qubes isos via torrent? Unless @liochan is making a mistake, but it doesn’t seem like liochan is.
If this is true, people should be aware of it because people sometimes forget to check hashes, even though it’s a terrible thing to forget to do.
I believe torrents are automatically “checksummed” to some extent (maybe it’s cryptographically weak hashes ?). So that would potentially be a problem with the magnet link or the .torrent file.
Thank you @crkorg but it is possible I did something wrong.
I retried to download the torrent and this time the hashes are good. So 2 options :
I did a mistake
Someone is tampering the torrent
I bet for the first one Because even if I think it is possible to tamper a file, based on my basics knowledge of torrent, it will be hard and lucky to provide all chunks to a target.
Next time I will verify in a better way to remove the doubt of a mistake.
Thank you ! I will definitively take this hypothesis as the right as it discards that I did a mistake
It’s been years since I’ve torrented, but sometimes there were edge cases various torrent clients didn’t handle well, e.g.: restarting the client and continuing downloads; knowing when to recheck the partially downloaded content after interruptions (a system restart or crash); reporting Done before all data was flushed from the app’s internal cache; bugs that showed up on file systems with different sparse file semantics that the ones the app was tested on, etc.
So…maybe “they” really are out to get you…but maybe also software/hardware is unreliable sometimes.