Posted by
CmdrTaco
on from the stress-those-pipes dept.
mkool writes "Exactly on schedule.
Fedora Core 2 is now officially available from Red Hat and at distinguished mirror sites near you, and is also available in the torrent."
Say what you will about Fedora/Red Hat, but I've set up 2 Fedora boxes recently for 2 people who have never used Linux, and they've both remarked how well it looks and works. Keep up the good work guys!
-- this sig limit is too small to put anything good h
Re:shameless karma whoring
by
chadm1967
·
· Score: 5, Insightful
Would have been a hell of a lot easier to just type:
http://fedora.redhat.com/download/mirrors.html
Re:very useful
by
glrotate
·
· Score: 3, Insightful
Perhaps you could work out, for the curious amoung us, what the probability of 2 random sets of 2GB of data have the same md5 signature?
Does this probability increase or decrease with increasing likeness of data?
Thanks
Re:Link to eMule
by
chefren
·
· Score: 2, Insightful
Why bother (in this case) when bittorrent is much faster?
Does this apply to Win2K as well as WinXP? I sadly need to keep Win2K around for some work-related stuff, so I can't risk randomly nuking it by installing Fedora:).
Re:very useful
by
Anonymous Coward
·
· Score: 1, Insightful
The md5sum algorithm must have had more work put into it than that. It's not sufficient that every byte in the file affects the output of the hash function.
e.g.: for a hash function, I could sum all the bytes in the file and mod by 2^256... this would fulfill the conditions you've listed. For distinugishing random data it would be a decent hash function. But for defending against people who try to cause a trojanned file to have a collision with the real deal, it would suck.
Basically, as users we have to hope that in some sense it is generically difficult for a person to whip up a file having a desired md5sum. I'm not quite sure how to formulate that in a way that's both useful and precise. It's tempting to say that it would suffice to use a hash function that is not easily reversible, but I don't think that's actually relevant.
Of course someone who may actually know what they're talking about has written a wikipedia article.
Re:bitchfest
by
Anonymous Coward
·
· Score: 2, Insightful
Yeah, at least in my experience, up2date comes broken out of the box. It's points at some worthless heavily overloaded RedHat servers, plus it's shitty network handling (Python's fault?) causes packages to get "signature errors" during download, with zero recourse. (Plus as an added newbie feature, it allows you to install corrupted donwloads.)
Thus to even get your system patched, you have to wander around forum links, read a bunch of contradictory information about everyone's fav update tool, read the "yum" documentation, and hack text files to use the up2date mirrors.
For all the griefing about how Windows users don't patch, it's shocking how totally crappy Fedora's user experience is here. This is not even remotely close to "Windows Update".
Re:Fedora Core 2 is FAST!
by
wolf31o2
·
· Score: 2, Insightful
I don't want anyone to think that this is a put down against Fedora, they do some wonderful work, but nothing that you mentioned has anything to do with Red Hat/Fedora. You should instead be thanking the kernel and Gnome developers for making your distribution faster.
Re:nVidia driver HOWTO
by
DrWhizBang
·
· Score: 2, Insightful
... or just wait a couple of weeks until nvidia updates their drivers. I'm running FC1 at home, and there's no way I'm upgrading it until there has been a bit of "soak time" for new drivers to come out, and for third parties to update their package repositories. I don't really have time to mess around with a broken system (nor would my wife and kids tolerate it.)
-- Schrodinger's cat is either dead or really pissed off...
Re:Mod story +1 Funny
by
soloport
·
· Score: 2, Insightful
Yes, exactly on schedule. Right. Did you not notice that their schedule was revised about 5 times along the way?
Even after all the help and effort, to keep things on track, that you contributed?!
Those slackers.
Wait a couple of months
by
Danathar
·
· Score: 2, Insightful
Historically every time RedHat distros have jumped major kernel releases the train wreck after the release took a couple of months to iron itself out. I'd recommend to anybody who wants to use FC 2 (and don't want to deal with the odd kernel problems) wait 2 to 4 months before doing an install. That way the major kinks will be ironed out.
I did'nt want to upgrade my servers from RH 9 to Rh Enterprise, so I waited until LAST week to install FC 1.
The boot.iso image is not part of the Fedora Core distribution images and does therfore not have it's MD5 sum listed. It is instead a part of disc1, since you can find it in the "images" subdirectory on the first disc.
The boot.iso in Fedora is the replacement for the many different boot diskette images that used to ship with distros. Using boot.iso you can perform a fully graphical installation of Fedora using many different sources. For example, you can do a network (FTP, HTTP, NFS..) installation or you can have it use the other Fedora discs (though this is pretty pointless, as disc1 is also a boot disk).
I prefer to simply burn the boot.iso image to a CD-RW disc with each release and doing a FTP installation with it, thus saving me 4 discs. It's also faster in my case than burning the discs, since my network is ridiculously fast:)
Re:very useful
by
MourningBlade
·
· Score: 2, Insightful
It's not the probability of two random sets of 2GB date having the same md5 signature, it's the probability of one md5 signature being the same as another md5 signature. See Birthday Paradox for more information.
The good news is that that means the probability is much lower.
The following is a rather naive calculation, but it will do.
MD5 produces a 128 bit signature, with 128 meaningful bits (ie no parity checks or anything). By pigeonhole principle, this means that any data input larger than 7 bytes must have collisions.
So, given a dataset of 2GB (ie ~8^2,000,000,000 different values), for any given MD5 value there are ~8^1,999,999,993 values that would give it. This is a lot, but you'd still have to search around 8^7 (~2 million) values in order to get a collision.
It would take a long time.
And that's assuming that you weren't trying to introduce some sort of attack.
So, with an MD5 it's extremely unlikely (8^-7) that you'd hit a collision, and it's ungodly unlikely that you'd be able to construct a malicious collision.
Re:A question about torrent
by
pavon
·
· Score: 2, Insightful
I'm not saying I won't or that I think it's a bad idea, just that I don't get the imperative that's implied by the web site in question and your post, since I've been giving everything I recieved as I recieved it.
That is the crux of the issue. For most people the amount of data that the client uploaded while in the process of downloading is much less than the amount they downloaded. This is because most broadband connections (and modem for that matter) have a bigger download bandwidth than upload. In this case you haven't given everything that you have recieved, because your upload rate couldn't keep up with the download.
If you are fortunate enough to have a balanced connection, and your client shows that you have uploaded as at least much as you have downloaded by the time your download is complete, then you have done your fair share (although you can always be extra nice and keep it open even longer to help others out:).
Slashdot Mirror
Say what you will about Fedora/Red Hat, but I've set up 2 Fedora boxes recently for 2 people who have never used Linux, and they've both remarked how well it looks and works. Keep up the good work guys!
this sig limit is too small to put anything good h
Would have been a hell of a lot easier to just type:
http://fedora.redhat.com/download/mirrors.html
Perhaps you could work out, for the curious amoung us, what the probability of 2 random sets of 2GB of data have the same md5 signature?
Does this probability increase or decrease with increasing likeness of data?
Thanks
Why bother (in this case) when bittorrent is much faster?
Does this apply to Win2K as well as WinXP? I sadly need to keep Win2K around for some work-related stuff, so I can't risk randomly nuking it by installing Fedora :).
-- Help Digitise the Public Domain at DP.
The md5sum algorithm must have had more work put into it than that. It's not sufficient that every byte in the file affects the output of the hash function.
e.g.: for a hash function, I could sum all the bytes in the file and mod by 2^256... this would fulfill the conditions you've listed. For distinugishing random data it would be a decent hash function. But for defending against people who try to cause a trojanned file to have a collision with the real deal, it would suck.
Basically, as users we have to hope that in some sense it is generically difficult for a person to whip up a file having a desired md5sum. I'm not quite sure how to formulate that in a way that's both useful and precise. It's tempting to say that it would suffice to use a hash function that is not easily reversible, but I don't think that's actually relevant.
Of course someone who may actually know what they're talking about has written a wikipedia article.
Yeah, at least in my experience, up2date comes broken out of the box. It's points at some worthless heavily overloaded RedHat servers, plus it's shitty network handling (Python's fault?) causes packages to get "signature errors" during download, with zero recourse. (Plus as an added newbie feature, it allows you to install corrupted donwloads.)
Thus to even get your system patched, you have to wander around forum links, read a bunch of contradictory information about everyone's fav update tool, read the "yum" documentation, and hack text files to use the up2date mirrors.
For all the griefing about how Windows users don't patch, it's shocking how totally crappy Fedora's user experience is here. This is not even remotely close to "Windows Update".
I don't want anyone to think that this is a put down against Fedora, they do some wonderful work, but nothing that you mentioned has anything to do with Red Hat/Fedora. You should instead be thanking the kernel and Gnome developers for making your distribution faster.
... or just wait a couple of weeks until nvidia updates their drivers. I'm running FC1 at home, and there's no way I'm upgrading it until there has been a bit of "soak time" for new drivers to come out, and for third parties to update their package repositories. I don't really have time to mess around with a broken system (nor would my wife and kids tolerate it.)
Schrodinger's cat is either dead or really pissed off...
Yes, exactly on schedule. Right. Did you not notice that their schedule was revised about 5 times along the way?
Even after all the help and effort, to keep things on track, that you contributed?!
Those slackers.
Historically every time RedHat distros have jumped major kernel releases the train wreck after the release took a couple of months to iron itself out. I'd recommend to anybody who wants to use FC 2 (and don't want to deal with the odd kernel problems) wait 2 to 4 months before doing an install. That way the major kinks will be ironed out.
I did'nt want to upgrade my servers from RH 9 to Rh Enterprise, so I waited until LAST week to install FC 1.
Regardless of the kinks, Fedora IS a cool distro!
The boot.iso image is not part of the Fedora Core distribution images and does therfore not have it's MD5 sum listed. It is instead a part of disc1, since you can find it in the "images" subdirectory on the first disc.
:)
The boot.iso in Fedora is the replacement for the many different boot diskette images that used to ship with distros. Using boot.iso you can perform a fully graphical installation of Fedora using many different sources. For example, you can do a network (FTP, HTTP, NFS..) installation or you can have it use the other Fedora discs (though this is pretty pointless, as disc1 is also a boot disk).
I prefer to simply burn the boot.iso image to a CD-RW disc with each release and doing a FTP installation with it, thus saving me 4 discs. It's also faster in my case than burning the discs, since my network is ridiculously fast
It's not the probability of two random sets of 2GB date having the same md5 signature, it's the probability of one md5 signature being the same as another md5 signature. See Birthday Paradox for more information.
The good news is that that means the probability is much lower.
The following is a rather naive calculation, but it will do.
MD5 produces a 128 bit signature, with 128 meaningful bits (ie no parity checks or anything). By pigeonhole principle, this means that any data input larger than 7 bytes must have collisions.
So, given a dataset of 2GB (ie ~8^2,000,000,000 different values), for any given MD5 value there are ~8^1,999,999,993 values that would give it. This is a lot, but you'd still have to search around 8^7 (~2 million) values in order to get a collision.
It would take a long time.
And that's assuming that you weren't trying to introduce some sort of attack.
So, with an MD5 it's extremely unlikely (8^-7) that you'd hit a collision, and it's ungodly unlikely that you'd be able to construct a malicious collision.
I'm not saying I won't or that I think it's a bad idea, just that I don't get the imperative that's implied by the web site in question and your post, since I've been giving everything I recieved as I recieved it.
:).
That is the crux of the issue. For most people the amount of data that the client uploaded while in the process of downloading is much less than the amount they downloaded. This is because most broadband connections (and modem for that matter) have a bigger download bandwidth than upload. In this case you haven't given everything that you have recieved, because your upload rate couldn't keep up with the download.
If you are fortunate enough to have a balanced connection, and your client shows that you have uploaded as at least much as you have downloaded by the time your download is complete, then you have done your fair share (although you can always be extra nice and keep it open even longer to help others out