Comment Re:Hide behind todays popular hate-topic... (Score 1) 182
Download checksum are usually one or more of MD5SUM, SHA1SUM and SHA256SUM.
A simple transposition of bytes will not generate identical hashes.
From RFC793:
The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to form a 16 bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros.
The extremely weak checksum of the TCP header (or even IP header) will not detect byte transposition.
And no amount of checksumming will stop drive-by-downloads from browsers that still don't understand basic security. (Really, Javascript permissions should have been introduced in Netscape 2.0.)