Thursday, January 05, 2012
I downloaded the code from another mirror and everything worked correctly. I notified the mirror site of the inconsistency, and carried on. However, I often wonder how much we shortcut our work, and fail to check that vital information.
Here is a gentle reminder. If the code has an MD5, SHA, and cryptographic signature, please take the extra 5 minutes to check all three. It will verify your downloads, are safe.
Also keep in mind that if you don't, and make a war file that contains these potentially infected sources, you are propagating the problem.