Friday, June 18, 2010

Checksum poll draws clear conclusion: I need a new poll mechanism

Earlier this week I launched another of my ridiculous polls to find out what your stance is on download checksums.  Here's what I found out: the overwhelming winner was who-needs-them-just-download-and-run

MD5, SHA1 and PGP are your favourite methods, in that order. Strangely, I got a few hits for a totally invalid response: only-when-I-DL-from-eclipse-dot-org-dont-trust-those-webmasters. Shocking!

Of course, even with a radio-button-type of poll, folks feel compelled to hack my system and fill my Apache logs with senseless commentary   ;-)

can-i-trade-them-for-beer: Checksums are free as in beer, so technically, we've already traded.  Or there is nothing to trade.  I'm confused now.

i-know-i-should-use-them-but-my-downloads-run-fine-most-of-the-time-and-eclipse-releases-are-signed-anyway: The Eclipse "release" isn't signed -- the individual JAR files inside are signed.  As far as I know, the "eclipse" executable (eclipse.exe for you Windows fans) isn't signed...

Then the typical comedians:




So there you have it.  For those who feel checksums are important, I've incorporated a mechanism to display checksum links for very file that asks you to pick a mirror:


Post a Comment

<< Home