Before v5.2.4, hashes/checksums were included in the main repository per version; for example, like with v5.2.2...
https://download.virtualbox.org/virtual ... SHA256SUMS
Furthermore, one could remove the ending file and jump right into the browseable directory to see all the software available and pertinent to that version, such as:
https://download.virtualbox.org/virtualbox/5.2.2/
Today, I noticed that the repository for:
https://download.virtualbox.org/virtualbox/5.2.4/
does not include the hashes/checksums. Rather it's under a new non-browseable directory ('hashes"):
https://www.virtualbox.org/download/has ... SHA256SUMS
Additionally, I cannot simply browse the specific version hash directory; such as:
https://www.virtualbox.org/download/hashes/5.2.4/
or
https://www.virtualbox.org/download/hashes/
I must put in the exact link to the the file as shown above or bust!
I'd lke to know if this was intentional, and if so, why does it seem like a good idea?
If it wasn't unintentional, I hope the previous structure of including the hashes in the main version browseable repository can continue for v5.2.4 and onward.
Seems hashes/checksums are no longer included in main reposititory (v5.2.4)
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Seems hashes/checksums are no longer included in main reposititory (v5.2.4)
It was never HTTPS, it was always has been HTTP. Try it... http://download.virtualbox.org/virtualb ... SHA256SUMS.vmanvman wrote:Before v5.2.4, hashes/checksums were included in the main repository per version; for example, like with v5.2.2... https://download.virtualbox.org/virtualbox/5.2.2/SHA256SUMS
If you ignore the warnings from some browsers, you still can. As for the warning, see above.vmanvman wrote:Furthermore, one could remove the ending file and jump right into the browseable directory
Do you realize that it's a different site, a different certificate? If not, then I suggest Wikipedia.vmanvman wrote:Today, I noticed that the repository for: https://download.virtualbox.org/virtualbox/5.2.4/ does not include the hashes/checksums. Rather it's under a new non-browseable directory ('hashes"): https://www.virtualbox.org/download/hashes/5.2.4/SHA256SUMS
Actually, you *did* put the exact link manually, you won't find any HTTPS links that point to the "downloads.virtualbox.org" site. You thought that HTTPS would be more secure, that's why you put the address manually.vmanvman wrote:I must put in the exact link to the the file as shown above or bust!
Unfortunately it was intentional; from your part. And no, it's not a good idea to assume that putting an "S" in a non-existing location is going to make it secure.vmanvman wrote:I'd lke to know if this was intentional, and if so, why does it seem like a good idea?
The previous structure *is* there. You simply chose to re-invent/bypass it.vmanvman wrote:I hope the previous structure of including the hashes in the main version browseable repository can continue for v5.2.4 and onward.
Please search the forums and the bugtracker for similar issues/complaints. It's getting so repetitive, almost ad nauseum, that I might pay the HTTPS bill!
Not...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.