No. of Recommendations: 1
that's a lot of data to upload...

There are many ongoing discussions along this line, many ways to slice the problem.
For example, one could upload the the whole file or any subset more than (say) 50kb.
If the checksum checked only the first 50kb of whatever you upload it would work just as well.
There are lots of simple utilities to take just the first N bytes of a file,
and for those not quite up to that you could just upload the whole thing and wait.
That's just one of a half dozen ideas being discussed.

Might it be easier and quicker to have the user generate and upload an
MD5 checksum of the install files as a mechanism for authenticating
that the user has the latest install?

Simply uploading the checksum doesn't show that you have the file, as
the checksum could be passed around. The goal is to fine a "simple
enough" way to do it that's also very secure for the rights holders.
Requiring an upload is pretty good, as it requires either having the valid
rights or being willing to be very blatant about having ripped them off:
you already had the data anyway, so the server is just crunching it.
We looked at several things that were installation specific, but they
all seem to have the pass-the-magic-number-around problem.
Requiring an upload is crude in a way, but functional and pretty easy to implement.
The only thing more secure would be having access to the current log-on
credentials lists of the data vendors. Might be hard to get those!

Print the post  


When Life Gives You Lemons
We all have had hardships and made poor decisions. The important thing is how we respond and grow. Read the story of a Fool who started from nothing, and looks to gain everything.
Contact Us
Contact Customer Service and other Fool departments here.
Work for Fools?
Winner of the Washingtonian great places to work, and Glassdoor #1 Company to Work For 2015! Have access to all of TMF's online and email products for FREE, and be paid for your contributions to TMF! Click the link and start your Fool career.