I've been concerned about security and I have been reading a lot about stuxnet and hearing a lot lately about the leaked NSA exploits and the more recent leaked exploits NYtimes and how they are being sold on the black market. That got me thinking about how important a clean install of Windows is. Then I was thinking that maybe having a physical OS install disk is the only way to know for sure that you are installing a clean install of Windows.
How safe is it to download an .iso of Windows directly from Microsoft?
Using for example: https://www.microsoft.com/en-us/software-download/windows7
Is it farfetched to consider the possibility that an iso could be compromised while it is being downloaded?
Could it be modified while it is being downloaded by
Someone attacking the ISP
An exploit on the router
- A virus on the computer.
More importantly after the iso is downloaded could there be an exploit to
- Spoof the SHA1 using something similar to link
- Trick common software like hash calculator that checks SHA1 into saying that it is correct even if it is not.
Are these potentially ways to compromise a download of Windows OS?
