For what it's worth, here are the SHA256 checksums I have. If yours
do not match, then one of us is almost certainly in trouble.

I think the reason people are not convinced that TLS is enough is due
to the number of CAs which have been found to be compromised (e.g.
Comodo), as well as things like this:
https://www.cdw.com/shop/products/RSA-ROOT-SIGNING-SERVICE/1628425.aspx

The idea with publishing the hashes is that the hash would be
published on one server, and the binary would be published on another.
The servers should be controlled by different people. Somewhere this
was lost along the way and people started publishing the hashes right
next to the binaries. While it makes them easier to find, it defeats
the purpose, as Fernando pointed out.

Having a public key embedded into the software which takes care of the
verification on update would work if there is an automated update
mechanism to check and download the updates. If properly implemented,
that solves the problem once you have a copy of the software, but what
about the first time you downloaded the program?

Publishing a public RSA key could help, but we're back to the root of
trust problem. How do you know that key is actually the author's? If
you assume that TLS is not perfect, then the public key could have been
swapped out, just as a hash could.

Personally, I like the idea of having a hash and a signature for
releases which are downloaded over HTTPS. There's RSA for the people
who are paranoid (and it's up to them to make sure that the public key
actually belongs to someone who is trustworthy). There's a hash for
casual checking, and there's TLS for the people that are either
unwilling or unable to check the hash.

In general, it would be interesting to see independent parties sign
releases. For example, a security expert could review the code and
sign it saying that the source matches the binary, or that they went
through the source code and didn't find any (major) issues. A
performance person could sign off on it saying that it is written in a
reasonably efficient manner. Then users could decide that they trust
anything that Joe the security guy has reviewed and signed, and set a
theoretical policy which would only allow installing packages which
are signed by someone that particular user feels comfortable with.

We're a long way off from that. Also, just to be clear, this idea of
having independent reviewers and allowing users to decide who they do or
don't trust is not new. It dates back to at least 1992 with
Zimmermann, possibly earlier. Maybe in another 20 years we'll have
something like that...
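
The separation described in the message above (hash on one server, binary on another), as an added example that is not part of the original post: a check that only counts a published SHA-256 when it came from a different host than the binary. The host names, file name and release bytes are constructed placeholders, and comparing host names is only a stand-in for "controlled by different people".

```python
import hashlib
import hmac
from urllib.parse import urlsplit

def parse_manifest(text):
    """Parse sha256sum-style lines ('<hex digest>  <filename>') into a dict."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        digest, name = parts[0].lower(), parts[1].strip().lstrip("*")
        if len(digest) == 64 and all(c in "0123456789abcdef" for c in digest):
            entries[name] = digest
    return entries

def verify_download(data, name, binary_url, manifests):
    """manifests maps the URL a manifest was fetched from to its text.

    Returns (ok, reason). A manifest served from the same host as the binary
    is ignored: whoever can replace the binary can replace that hash as well.
    """
    actual = hashlib.sha256(data).hexdigest()
    binary_host = urlsplit(binary_url).hostname
    independent = 0
    for url, text in manifests.items():
        if urlsplit(url).hostname == binary_host:
            continue  # published right next to the binary: proves nothing
        expected = parse_manifest(text).get(name)
        if expected is None:
            continue  # this source does not list the file
        if not hmac.compare_digest(expected, actual):
            return False, "mismatch against " + url
        independent += 1
    if independent == 0:
        return False, "no independent hash source"
    return True, "matched %d independent source(s)" % independent

# Constructed sample data; hosts and file name are placeholders.
RELEASE = b"constructed release bytes"
GOOD = hashlib.sha256(RELEASE).hexdigest() + "  example-1.0.zip\n"
BINARY_URL = "https://downloads.example.org/example-1.0.zip"
SAME_HOST = {"https://downloads.example.org/SHA256SUMS": GOOD}
OTHER_HOST = {"https://lists.example.net/archive/sums.txt": GOOD}
```

A matching hash from the download host alone is rejected, while one independent source is enough to pass; any disagreement from an independent source fails the check outright.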