Anyone have any experience with the ventoy software. It’s actually something neat I thought of years ago that someone with better skills than me made. It’s rather fun for distro hopping. It basically turns a flash drive into a iso machine. Rather than having dozens of small usb drives for different ISO’s. It has dozens of iso’s on one drive.
The problem I have run into is the iso’s don’t always return a clean hash. Meaning yes the sha 256 sums won’t match. I think I read some place that these errors are because of how the system has to mount the iso. That said IDK how to audit the code on something like this.
If any of the experts here that know this kind of stuff were to take interest. I would love to hear there opinion.
There is literally a sum checking setup in the ventoy interestingly enough. When I check it in the iso’s sans the ventoy before i drop them on the drive it looks clean. That being the case I am curious about others opinion on this iso management tool.
It seems legit.
Is still wont install the images that don’t return a clean hash.
Or, if you don’t like clicking on links, search for “ventoy binary blobs”.
Note that writing “binary blobs” is wrong - like writing “ATM machine”, because “blob” is itself an acronym, “Binary Large OBject”. But hey, that’s how people write it and if you want to get search results you have to go with the flow…
A few years ago I used Ventoy a lot. Every day. But then I came across those discussions. I read the speculation about the implausible blobs and the injected root certificates. For now, I’m not using Ventoy anymore. It’s a pity. My pockets are full of USB devices now. But safety first? Or am I just overreacting?
Hmm strange I just copied the links in the article that was linked to by barto. I am not an expert in link structure but its odd these all refrence the source site. Any way. Are any of these projects as good as ventoy at what they do. It seems I face the ultimate question when you come across a tech that works well and seems like the next great step is it a trojan horse. Or is the inventor just keeping there cards close to there chest for profit. An to be clear I didn’t use ventoy to install or was I trying to install qubes with it.
Any way thanks for the feedback I get the point not a secure way to install an ISO. Ill keep this in mind. Sucks I love it as a fun tool much easier than burning one iso at a time.
It was just so easy too you know. I love drag and drop stuff it’s so simple. I’ll format the drive I bought for it and see if other projects will do the same with a little extra work. Seems to me that the guy is honest but how do you know. its a low key frustration with computers I have had for ages. it’s like I love the box I hate the box, am I right.
I cant audit code like the better of us so I am always walking around in the dark just feeling it out. I have so many other things on my plate with family etc. It’s not something that comes natural as such I don’t give it allot of my time.
i suppose now a days I could ask AI to just make the tool for me but IDK that seems like a hell of a rabbit hole.
), but can’t accept injection into my images.