You can't possibly make a collision SHA-1 with exact file size that still make the ISO usable. That's impossible. Keep in mind that making complex hash's collision always mean larger/smaller file size, let alone making the collided ISO usable. There are also MD5 and CRC32 hashes, and even more hashes out there for you to compare files. If you don't trust one hash, at least you should trust three.
Not really unless those hackers have a lot of time and very expensive equipment. Even the scientists that cracked SHA1 could only create a blob of data with the same SHA1 as the original, it is nearly impossible to create a malicious file that matches the SHA1 of the original given the fact it it is already very hard to create a file random data matching the original. Also when you make statements it would be nice to back them up with some arguments. But anyways, this is not the place to debate that, if you want to believe SHA1 is easily cracked and ISOs with the same SHA1 as on Technet may contain malware than don't install it, but buy the DVD from the shops.
But the DVD can also be hacked by the evil shop sellers They can modify the data on the disc, use some label printing equipment and sell infected DVDs No one is safe - this is my conspiracy theory
To those people that are saying MS needs to release your native language at the same time as the other's you have to consider this: 1. Cost - it is not cheap to translate the WHOLE OS into a diff language, not just slapping a UI language pack on 2. Ease - it is not easy either you have to imagine how many elements are needed to change over 3. Profit vs Cost - It is most cost effective and profitable for MS to release the OS in the 7 most spoken languages in the world first, then your language. Look at it this way. Say I have 10 people that speak English, then I have another 5 people that speak Ebonics. Out of those 10 english speaking people you might get 5 people buying the product. Out of those 5 Ebonics speaking people you might get 3. So your profit margin is already smaller in another market, and when you factor in cost that basically makes other releases at the same time of RTM not cost effective. 4. Audience - More ISVs,IHVs, Partners and OEMs fit into the wave0 language releases than don't so that is why they release those 7 first. As big as MS is it is still a business and still has to run effectively. So to release every language at the same time would not only push the product back costing money in lost deadlines, but also profits. If you can get the product out to the majority of people then worry about the smaller groups in waves then that is sound and good business.
Hahaha, yeah, I've seen some pretty good copies back when I lived in south-east Asia. For me personally, if Technet publishes the SHA1 and it matches the ISOs that are being leaked then I'm happy with that.
well wzor iso's and VHD's have never been bad, its the people that wait for it to come out on msdn and dont think its right to leaked builds that they have to pay for, so they reupload them with viruses.